DNS zone transfers?

JayrodEF Member Posts: 111
I was doing a practice test this morning for the 291 and came across a DNS question. The question doesn't really matter I don't think, but the testing program said the answer was to configure a DNS server to allow zone transfers to a particular Windows XP client computer. I was under the impression that zone transfers only happened between DNS servers. So I'm wondering if it is actually possible to have a zone transfer to an XP client computer and if so, why exactly would this be beneficial since the explanation didn't really clear things up. Thanks!

Comments

  • Mishra Member Posts: 2,468
    This is actually a fun and good thing to lab. Since I learned about it, I have already been using zone transfer information at work. When I am looking for a computer name that I don't know, I can perform a zone transfer and find the computer name in that list.

    Install a DNS server and go to the zone transfer tab.
    Add your workstation to the list of IPs allowed to request a zone transfer.
    Go to your workstation and go into a command prompt. Type in nslookup then type ls -d yourzonethatyoumade.com

    It will perform a zone transfer to your computer and you are able to see all records transferred as if you were receiving a real update.
    My blog http://www.calegp.com

    You may learn something!
  • dynamik Banned Posts: 12,314
    Zone transfers are a potential security risk because they can provide quite a bit of information about your network. That is why you have to configure trusted machines manually.
  • undomiel Member Posts: 2,818
    I believe in Windows 2000 Server it defaults to being a happy zone transferring daemon but 2003 defaults to being restricted. Just something you might want to keep in mind for securing any 2000 servers you may have to work with in the future.
    Jumping on the IT blogging bandwagon -- http://www.jefferyland.com/
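The two points made so far (add only trusted machines to the zone-transfer allow list; check that a server is not still on the permissive default) can be audited from a script. The following PowerShell is an added example and is not code from anyone in this thread. It assumes the DnsServer module that ships with Windows Server 2012 and later (the thread is about 2000/2003, where the same setting lives on the Zone Transfers tab of the zone properties), and the addresses in $AllowedSecondaries are constructed placeholders for your own secondary servers.

```powershell
# Added example: audit the zone-transfer setting of every primary zone on a
# Windows DNS server and, with -Fix, restrict permissive zones to a known
# list of secondaries. Requires the DnsServer module (Server 2012+), which
# is an assumption; the thread's 2000/2003 servers use the GUI instead.
param(
    [string]$DnsServer = 'localhost',
    # Constructed placeholder addresses: replace with your real secondaries.
    [string[]]$AllowedSecondaries = @('10.0.0.5', '10.0.0.6'),
    [switch]$Fix
)

Import-Module DnsServer

# Auto-created zones (0.in-addr.arpa, 127.in-addr.arpa, ...) carry nothing
# useful; every other primary zone, forward or reverse, is worth checking,
# because a reverse zone leaks the same host inventory a forward zone does.
$zones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

foreach ($zone in $zones) {
    $name = $zone.ZoneName
    switch ($zone.SecureSecondaries) {
        'TransferAnyServer' {
            # The Windows 2000 default undomiel describes: any host that can
            # reach TCP/53 can pull the whole zone with nslookup's ls -d.
            Write-Warning ("{0}: zone transfers allowed to ANY server" -f $name)
            if ($Fix) {
                Set-DnsServerPrimaryZone -ComputerName $DnsServer -Name $name `
                    -SecureSecondaries TransferToSecureServers `
                    -SecondaryServers $AllowedSecondaries
                Write-Output ("{0}: restricted to {1}" -f $name, ($AllowedSecondaries -join ', '))
            }
        }
        'TransferToZoneNameServer' {
            # Acceptable only if every NS record in the zone really is yours.
            Write-Output ("{0}: transfers limited to hosts in NS records; verify the NS list" -f $name)
        }
        'TransferToSecureServers' {
            # Report allow-list entries you do not expect, e.g. a workstation
            # added for a one-off ls -d test and never removed afterwards.
            $listed = @($zone.SecondaryServers | ForEach-Object { [string]$_ })
            $unexpected = @($listed | Where-Object { $_ -notin $AllowedSecondaries })
            if ($unexpected.Count -gt 0) {
                Write-Warning ("{0}: unexpected transfer targets: {1}" -f $name, ($unexpected -join ', '))
            } else {
                Write-Output ("{0}: transfers restricted to {1}" -f $name, ($listed -join ', '))
            }
        }
        'NoTransfer' {
            Write-Output ("{0}: zone transfers disabled" -f $name)
        }
    }
}
```

Run it read-only first (`.\Audit-ZoneTransfers.ps1 -DnsServer dns01`) and only add -Fix once the allow list reflects your actual secondaries; the TransferToSecureServers branch is where a workstation that was added for a lab exercise would show up.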
  • dynamik Banned Posts: 12,314
    undomiel wrote:
    I believe in Windows 2000 Server it defaults to being a happy zone transferring daemon but 2003 defaults to being restricted. Just something you might want to keep in mind for securing any 2000 servers you may have to work with in the future.

    Correct.
  • seuss_ssues Member Posts: 629
    JayrodEF wrote:
    I was doing a practice test this morning for the 291 and came across a DNS question. The question doesn't really matter I don't think, but the testing program said the answer was to configure a DNS server to allow zone transfers to a particular Windows XP client computer. I was under the impression that zone transfers only happened between DNS servers. So I'm wondering if it is actually possible to have a zone transfer to an XP client computer and if so, why exactly would this be beneficial since the explanation didn't really clear things up. Thanks!

    I do not know any reason why anyone would be doing a zone transfer to a client other than possibly testing something.

    Transfers should only be done to authorized servers that you manually input.
  • JayrodEF Member Posts: 111
    Thanks for the replies. Yeah, I thought you should only be doing transfers to trusted servers; that's why I was floored when that was the supposed correct answer. Sounds like it is possible though, but I still can't see why you would do that in any real world situation.
  • royal Member Posts: 3,353
    Only real world situation I can possibly fathom is to allow zone transfer to a secured management workstation, and have that client be able to do a:
    nslookup
    set type=any
    ls -d FQDN > zonedata.txt

    This will **** all data for the zone.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • Mishra Member Posts: 2,468
    JayrodEF wrote:
    Thanks for the replies. Yeah, I thought you should only be doing transfers to trusted servers; that's why I was floored when that was the supposed correct answer. Sounds like it is possible though, but I still can't see why you would do that in any real world situation.

    I said why I use it!

    "When I am looking for a computer name that I don't know I can perform a zone transfer and find the computer name in that list."
    My blog http://www.calegp.com

    You may learn something!
  • dynamik Banned Posts: 12,314
    How do you know what you're looking for? Do you have the IP? If so, wouldn't it be easier to setup a reverse lookup zone?
  • Mishra Member Posts: 2,468
    dynamik wrote:
    How do you know what you're looking for? Do you have the IP? If so, wouldn't it be easier to setup a reverse lookup zone?

    Let's say the computer name of your server is ASDF12WQWEQZCZCA; well, then you don't remember that if you don't have it written down somewhere... Perform a good ole zone transfer and I can copy/paste.

    Just more workaround techniques that you learn as you gain experience in being a sysadmin.
    My blog http://www.calegp.com

    You may learn something!
  • sprkymrk Member Posts: 4,884
    Mishra wrote:
    dynamik wrote:
    How do you know what you're looking for? Do you have the IP? If so, wouldn't it be easier to setup a reverse lookup zone?

    Let's say the computer name of your server is ASDF12WQWEQZCZCA; well, then you don't remember that if you don't have it written down somewhere... Perform a good ole zone transfer and I can copy/paste.

    Just more workaround techniques that you learn as you gain experience in being a sysadmin.

    That's a lot more work to me than just pinging it and copy/paste. Or once you do a zone xf then make a spreadsheet. I know the IP addresses of about 40 servers (at least). I suppose if you had a lot more it would be all right.
    ping -a 192.168.3.32
    Pinging server01 [192.168.3.32] with 32 bytes of data:
    
    Reply from 192.168.3.32: bytes=32 time<1ms TTL=128
    Reply from 192.168.3.32: bytes=32 time<1ms TTL=128
    Reply from 192.168.3.32: bytes=32 time<1ms TTL=128
    Reply from 192.168.3.32: bytes=32 time<1ms TTL=128
    
    Ping statistics for 192.168.3.32:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    
    All things are possible, only believe.