How is QID 15018 - DNS Zone Transfer detected?

Document created by kb-author-1 Employee on May 19, 2010Last modified by eschamp on Sep 2, 2010
Version 2Show Document
  • View in full screen mode

Issue:

How is QID 15018 - DNS Zone Transfer detected?

 

Solution:

The test for QID 15018 can be verified manually from a command line.

 

From a Windows command line, type the following commands and press Enter after each line:

nslookup
server TARGET_DNS_SERVER_IP
set type=any
ls -d TARGET_DOMAIN

 

where:

TARGET_DNS_SERVER_IP is the IP address of the DNS server that QID 15018 was posted on.

TARGET_DOMAIN is the domain that the DNS Zone Transfer is being attempted on.

 

From a Linux command line, type the following command:

dig @TARGET_DNS_SERVER_IP -t AXFR TARGET_DOMAIN

If the resulting output displays the zone information for the domain, the issue has been successfully reproduced.

 

Qualys Support KnowledgeBase

http://community.qualys.com/community/kb

Attachments

    Outcomes