-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zone transfers happen on 53/TCP, rather than the 53/UDP that is used for typical lookups.
As such, if your DNS server is behind a firewall you have the option of layered security. You can configure your DNS server as below -- to only allow zone transfers from known servers (those which serve as secondarys for the domains that that server is authoritative for at a minimum) and only allow 53/TCP connections from those systems. Just in case. :) - -- Charlie > Hi Fred, > > Yes, it's possible. > But depends on how the DNS server is configured. > It's necessary that DNS server is allowing zone transfers. > To get the records, install another DNS server and initiate a > zone transfer > to the other DNS server. > It's a best pratice to allow zone transfers only to known servers. > > Regards, > > Marco Araujo > MCSE > Recife/PE - Brasil > > > > > > >From: "Fred Dirkse - OIC Group, Inc." <[EMAIL PROTECTED]> > >To: <[EMAIL PROTECTED]> > >Subject: DNS Records > >Date: Tue, 17 Jun 2003 16:26:27 -0500 > > > >Is it possible to point to a DNS server and somehow get ALL > records from it > >(ie - return all the domain records that server is > authoratative for)? > >If so, how? and how could one stop it from happening if so? > > > >Regards, > >Fred > > > > > >------------------------------------------------------------- > -------------- > >Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by > top analysts! > >The Gartner Group just put Neoteris in the top of its Magic > >Quadrant, while InStat has confirmed Neoteris as the leader in > >marketshare. > > > >Find out why, and see how you can get plug-n-play secure > remote access in > >about an hour, with no client, server changes, or ongoing > maintenance. > > > >Visit us at: http://www.neoteris.com/promos/sf-6-9.htm > >------------------------------------------------------------- > --------------- > > > > _________________________________________________________________ > MSN 8 with e-mail virus protection service: 2 months FREE* > http://join.msn.com/?page=features/virus > > > -------------------------------------------------------------- > ------------- > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by > top analysts! > The Gartner Group just put Neoteris in the top of its Magic > Quadrant, while InStat has confirmed Neoteris as the leader in > marketshare. > > Find out why, and see how you can get plug-n-play secure > remote access in > about an hour, with no client, server changes, or ongoing > maintenance. > > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm > -------------------------------------------------------------- > -------------- > -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBPvD1VMrtF6HAen5cEQKUcgCfRZh26zXFG6X813qWwocEF+lQlc8AoO18 fJaXLKrTkSn1wSKrgEcrSw6d =/xl7 -----END PGP SIGNATURE----- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
