I was looking through some logs today, and this one caught my eye:

Aug 5 07:51:01 dax named[90967]: client 129.79.247.103#46566: view external: zone transfer 'kamichoff.com/AXFR/IN' denied

(I always go back and forth on whether I should be allowing TCP DNS queries, or not.  On one hand, it makes DNSreport happy, and will handle tons of RRs for an object, if I ever need that many.  On the other hand, I'm opening up my servers to undisclosed vulerabilities in named, etc.)

Anyway, 129.79.247.103 is…

% host 129.79.247.103
103.247.79.129.in-addr.arpa domain name pointer DNS-RESEARCH-SERVER-FOR-MORE-INFO-SEE-DNS-TXT-ENTRY-FOR-hulk.cs.indiana.edu.
% host -t TXT hulk.cs.indiana.edu.
hulk.cs.indiana.edu descriptive text "DNS RESEARCH INFO AT http://www.cs.indiana.edu/cgi-pub/cshue/zone_transfers.php"

If you go there, it's apparently a project with the goal of gathering statistics on the percentage of servers out there that allow unrestricted zone transfers.  I suppose, as always, the results will be depressing.

New comments are currently disabled for this entry.