[ale] OT: DNS query (dig) question

Chris Ricker kaboom at gatech.edu
Tue May 11 13:43:07 EDT 2004


On Tue, 11 May 2004, Joe Steele wrote:

> Many domain name servers will block zone transfers (a form of 
> security through obscurity), so the operation will not always succeed 
> (regardless of whether you use nslookup or dig).

I wouldn't call it "security through obscurity". There's a big difference,
IMHO, between not needlessly divulging information (restricting zone
transfers, using /etc/shadow instead of /etc/passwd, etc.) and assuming that
flaws won't be exploited because they're not known (security through
obscurity).

later,
chris



More information about the Ale mailing list