DNS zone transfer is an answer to a DNS query that provides the domain related information configured in the authoritative nameserver. Typically the nameserver(s) contain(s) information regarding the primary name server (SOA records) nameservers (NS records), hostnames, IP addresses, Mail Exchangers (MX records), aliases (CNAME records), glue records etc.

DNS zone transfer is the mechanism through which primary DNS servers and secondary DNS servers for a domain update their DNS information.

People who are new to DNS concepts can learn about it at – http://dyn.com/blog/dns-why-its-important-how-it-works/ . If you wish to perform various lookups on a domain, there is an excellent online tool for that at – http://mxtoolbox.com/SuperTool.aspx

Coming back to DNS zone transfer, the guys at digininja have done a very good job at explaining DNS zone transfer. You can access their post on this topic here .

Allowing a zone transfer to any anonymous client/system can be a security risk as it can expose a lot of sensitive information about the domain for which the DNS server is authoritative.

If you wish to test a public DNS server for zone transfers, there is an online tool at – https://hackertarget.com/zone-transfer/ 

Advertisements