AXFR DNS Query
I have recently been looking at the use of AXFR across my own domain names as I was migrating DNS. I have since thought ‘oh this used to work on everything lets see if it still does’. First shot I done was the new .me TLD (host -l me.). This was now showing me a list of every .me domain registered along with there name servers. Next attempt .org once again it works. AXFR can be used in alot of cases to map a company’s DNS eg. Where all the services are ect.. You should always disable zone transfers on ANY DNS Server this could lead to potential security risks. Take for example we have a domain name test.com and we have routers ect.. behind this no one knows the IP’s of them you create router.test.com AXFR is enabled people then see your router’s ip which could lead to potential security risks. And can consume alot of bandwidth 
See below for an example of stopping this with BIND
options {
allow-transfer {"none";};
};
November 17th, 2008 at 3:36 am
domain name sales…
Of course, you can always change your name (though not that easily) , but typically the name you\’re born with, is the name your stuck with….
November 19th, 2008 at 4:08 am
T-Rex…
HTML 5 allows connections across domains, through use of the Access- Control HTTP header, as defined in a separate W3C specification (which applies identically to normal XHR usage and to server- sent events). A request is made for a resource as usual, …