[Owasp-leaders] Zone transfer
jeff.williams at owasp.org
Thu Jun 10 18:25:28 EDT 2010
I sent a message to Larry - anyone willing to put together a wiki page on
the subject so it's ready? We should be able to pull from the (extensive
shall we say) discussion on the list.
From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Rogan Dawes
Sent: Wednesday, June 09, 2010 8:29 AM
To: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] Zone transfer
On 2010/06/09 2:26 PM, Victor Chapela wrote:
> I agree completely with promoting proper risk management.
> I suggest we add three or four A records to the DNS, that when
> transfered, state this point. These records could be:
> Finally, we could have zone-transfer.owasp.org pointing to a page
> that explains our risk management philosophy. This page could be
> titled "Why do we leave our DNS zone transfer on?"
> Regards, Victor Chapela
Hehe, I like that approach.
If anyone is actually looking at the results from doing the AXFR, they
will avoid making a fool of themselves.
Otherwise . . .
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
More information about the OWASP-Leaders