Hey all, I mentioned this on Twitter, but thought I'd bring it up here. I was doing some looking at a few domains that we own and decided to try doing zone transfers of them. The first zone I tried was hosted with GoDaddy and I didn't have high hopes for them. I was pleasantly surprised to see that my zone transfer requests were denied. Then I decided to check one hosted with AT&T. Sure enough, they allow full zone transfers of anything they host.

I talked to one of my co-workers and he confirmed that he had noticed this too and that attempts had already been made to get AT&T to fix this. No success though. Oddly enough, AT&T hosts *their* domains on different DNS servers which do NOT allow zone transfers. Go figure...

So this message has two purposes in it. First, if you host your DNS with AT&T you might consider moving to someone else or (at a minimum) make sure that no internal IP addresses sneak into the public DNS hosting. Second, I figured all you penetration testers might be interested in full maps of clients who use AT&T's DNS hosting. Have fun.

Jason
--
irc: Tadaka
Twitter: Jason_Wood
jwnetworkconsulting.com

_______________________________________________
Pauldotcom mailing list
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
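
Following up on the message's advice to keep internal IP addresses out of publicly hosted DNS, here is an added example (not part of the original post) that audits a copy of your own zone for A/AAAA records in private, loopback or link-local space, plus CNAMEs that point at those names. The zone text, example.com names and addresses are constructed sample data, and the function name is hypothetical.

```python
import ipaddress

# Constructed sample: zone-file style records for a domain you own,
# e.g. exported from your DNS provider. All names and addresses are made up.
SAMPLE_ZONE = """\
example.com.            3600 IN SOA   ns1.example.com. hostmaster.example.com. 2024010101 7200 900 1209600 3600
example.com.            3600 IN NS    ns1.example.com.
www.example.com.        3600 IN A     93.184.216.34
mail.example.com.       3600 IN A     93.184.216.35
intranet.example.com.   3600 IN A     10.20.30.40
fileserver.example.com. 300  IN A     192.168.1.15
vpn.example.com.        3600 IN AAAA  fd12:3456:789a::1
build.example.com.      3600 IN CNAME intranet.example.com.
; comment line
"""

def internal_records(zone_text):
    """Return (name, type, value) for records that expose internal addressing."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, split columns
        # Expected layout: name ttl class type rdata...
        if len(fields) >= 5 and fields[2].upper() == "IN":
            records.append((fields[0].lower(), fields[3].upper(), fields[4]))

    findings = []
    for name, rtype, rdata in records:
        if rtype in ("A", "AAAA"):
            try:
                addr = ipaddress.ip_address(rdata)
            except ValueError:
                continue  # malformed address, nothing to classify
            if addr.is_private or addr.is_loopback or addr.is_link_local:
                findings.append((name, rtype, str(addr)))

    # A CNAME to an internal host leaks the same information indirectly.
    internal_names = {name for name, _, _ in findings}
    for name, rtype, rdata in records:
        if rtype == "CNAME" and rdata.lower() in internal_names:
            findings.append((name, rtype, rdata.lower()))
    return findings

if __name__ == "__main__":
    for name, rtype, value in internal_records(SAMPLE_ZONE):
        print(f"internal data in public zone: {name} {rtype} {value}")
```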
