TLD Survey:Risks

• Closed to Zone Transfer

  • Con

    • AXFR is easily detected & logged separately
    • Almost all information can be obtained the “hard way”

      • Usually NOT logged (causes too much load)
    • More difficult to debug remotely

      • Most DNS debugging tools depend on AXFR
    • More management overhead

      • Adding new secondaries, secondaries changing IP addresses, etc…

        • However, BIND 9 allows you to secure with crypto key instead

Previous slide

Next slide

Back to first slide

View graphic version