[dns-operations] [hello at axfrcheck.com: AXFR Securit - alert - XXXXXX.fr]

Stephane Bortzmeyer bortzmeyer at nic.fr
Sun May 29 08:35:35 UTC 2016

We received this since, apparently, they send email to every email
address in the changed: attribute of the whois output :-( (I'm not
involved in the management of this domain name.)

Does anyone know these people who spread FUD about AXFR-enabled

----- Forwarded message from AXFR Check Team <hello at axfrcheck.com> -----

Date: Sun, 29 May 2016 07:22:38 +0000 (UTC)
From: AXFR Check Team <hello at axfrcheck.com>
To: [many unrelated email addresses]
Subject: AXFR Securit - alert - XXXXXX.fr

   Dear XXXXXX.fr DNS Provider,
   Our research team found some security issue in some of your DNS server
   configurations. These misconfigured DNS are very vulnerable, and easy
   to abuse.

   Here are some of potential affected DNS for example:

   Affected domains actually:

   About DNS Zone Transfer AXFR Requests May Leak Domain Information:


   Check affected DNS and domains on AXFR CHECK API

   You can fix the problem if you disbale AXFR transfer on your dns

   For example:


   allow-transfer {"none";};



   If you need help to configure the setting correctly, reply to this
   email, and we will help you.

   Who we are?

   If we helped you, or you want to support our work, please [2]DONATE us,
   to help the web a more secure place!

   Zoltan Vigh

   Twitter: [3]@ptzool

   LinkedIn: [4]https://hu.linkedin.com/in/zvigh

   AXFR Check Team


   1. http://axfrcheck.com/
   2. http://axfrcheck.com/
   3. https://twitter.com/ptZool
   4. https://hu.linkedin.com/in/zvigh

----- End forwarded message -----

More information about the dns-operations mailing list