Open EpicVoyage opened 2 years ago
By default AXFR requests are enabled:
# dig axfr example.com @dns.server.com
This is considered to be a security issue because of the information disclosed:
https://beaglesecurity.com/blog/vulnerability/dns-zone-transfer.html
Could we disable it by default?:
options { allow-transfer { "none"; }; ... }
By default AXFR requests are enabled:
This is considered to be a security issue because of the information disclosed:
https://beaglesecurity.com/blog/vulnerability/dns-zone-transfer.html
Could we disable it by default?: