Difference between revisions of "HIDS 12145"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "'''Log example:''' server named[5141]: client 1.2.3.4#64003: zone transfer `somedomain.com/AXFR/IN` denied '''Explanation:''' This log entry shows that the DNS server is deny...")
 

Latest revision as of 10:43, 18 January 2012

Log example:

server named[5141]: client 1.2.3.4#64003: zone transfer `somedomain.com/AXFR/IN` denied

Explanation:

This log entry shows that the DNS server is denying a system from performing a zone transfer. A zone transfer is a request to access all DNS data for a domain. This is normal for a trusted DNS server to do that is authoritative for the domain, but not normal or required for any other server.

Attackers may use this method to perform reconnaissance on servers before an attack.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=HIDS_12145&oldid=2074"