About this tag
AXFR (Asynchronous Transfer Full Range) is a DNS protocol used for zone transfers, allowing replication of DNS data across multiple servers. On WindowsForum.com, discussions highlight the security risks of misconfigured DNS servers that respond to global AXFR requests. Such misconfigurations can leak internal network structure and sensitive domain information to remote unauthenticated users. The tag covers topics like DNS security, zone transfer vulnerabilities, and best practices for securing Windows-based DNS servers against unauthorized AXFR queries. Administrators are advised to restrict AXFR requests to trusted secondary DNS servers only.
-
TA15-103A: DNS Zone Transfer AXFR Requests May Leak Domain Information
Original release date: April 13, 2015 Systems Affected Misconfigured Domain Name System (DNS) servers that respond to global Asynchronous Transfer Full Range (AXFR) requests. Overview A remote unauthenticated user may request a DNS zone transfer from a public-facing DNS server. If...- News
- Thread
- axfr bindings configuration dns domain exploitation guidelines impact internet misconfiguration network protection remote access risk scan scripting security unauthenticated access vulnerability zone transfer
- Replies: 0
- Forum: Security Alerts