Skip to Content

Webinar: What's next for AI Security? Register Now

Dark teal and black gradient

Blog

Anonymous Zone Transfers

Unkowingly allowing Anonymous Zone Transfers can increase your risk profile immensley.

How to test for anonymous zone transfer using nslookup:

gt;nslookup

gt;set query=ns

gt; acme.com

Server: acme.com
Address: 000.000.000.000

acme.com nameserver = ns1.acme.com

acme.com nameserver = ns2.acme.com
ns1.acme.com internet address = ccc.ccc.ccc.ccc
ns2.acme.com internet address = vvv.vvv.vvv.vvv

gt; server ns1.acme.com

gt; ls acme.com
[ns1.acme.com]
acme.com.
A hhh.hhh.hhh.hhh

acme1.com.NS
server = ns1.acme.com

acme2.com.NS
server = ns2.acme.com

mail1
A uuu.uuu.uuu.uuu

mail2

A ddd.ddd.ddd.ddd

www
A uuu.uuu.uuu.uuu

web2
A iii.iii.iii.iii

Explore More In-Depth Penetration Testing Resources

View Our Resources