I saw related news reports that it is said that half of the companies in the UK, including top ISPs, do not prevent hackers from copying DNS server databases, even though these databases may contain valuable information. Do you believe that there are no thieves in the world, so you open your heart so honestly? While this vulnerability wouldn't allow a hacker to take control of a DNS server, it could help them break into a secure system. It provides incentives and free information to hackers, which is being used by hackers.
A DNS server usually converts a text-based name, such as a network address, into a numeric IP address. If the DNS server allows space transfer, a hacker can download the entire list of names and addresses. The investigation revealed that the three major ISPs - BT, Colt and Demon - were not preventing regional transfers. A Demon official said his company does list users' details in some ways, but the company is constantly improving.
The laboratory of IT Week, a research organization, downloaded British Telecom's Internet-oriented DNS database. It does not contain the user's name, but lists several BT websites, email and FTP servers. Colt also does not prevent public zone transfers, but its DNS database appears to list only some of Colt's systems. Many universities also allow unrestricted DNS zone transfers.
DNS can be used for zone transfer by default, and is it legal?
According to analysis by the legal community, copying the DNS database may not violate the Computer Misuse Act (CMA) because it does not involve illegal access or modification. Many types of denial-of-service attacks do not violate the CMA because they utilize publicly available tools, so their use is permitted. An amendment to the CMA Act to deal with such attacks is being proposed as a private members' order, but is unlikely to become constitution unless a broader legal process is passed in Parliament.
I couldn't help but feel a little ashamed, and while opening the door, I also wrote on the door, welcome. Are they realizing communism faster than us? (Source: http://dns.qy.com.cn )