A remote unauthenticated user may observe internal network structure, learning information useful for other directed attacks.
Solution
Allow by configuration a flag if stream-dns allow AXFR request.
We should do this through an environment variable: DNS_ALLOW_AXFR.
By default, stream-dns must reject all AXFR request.
Impact
A remote unauthenticated user may observe internal network structure, learning information useful for other directed attacks.
Solution
Allow by configuration a flag if stream-dns allow AXFR request. We should do this through an environment variable:
DNS_ALLOW_AXFR. By default, stream-dns must reject all AXFR request.