I stumbled upon DNS Exit and some of their clients a month or two back, and noticed zone transfer* worked. *This “feature” lets you grab all DNS records, most of which are normally private. It is rare these days for this trick to work and it worked not only on dnsexit.com but all of its tens of thousands of clients! Zone transfer is typically off by default and you can enable it but lock it down to another domain or IP. With this provider it is on with no option to turn it off or restrict it. The use of it is to sync DNS zones (“database”).
Why do exposed DNS records matter? Typically just the records of email settings (MX) and the main web address IP (@/www - A) are visible. Others are hidden and for good reason, they show services used internally and by certain clients. Imagine if anyone knew what the address of your VPN, webmail, document store and client extranet was? They can start attacking, looking for flaws or simply phish their way through. Zone transfer is not the only flaw at DNS Exit…
Zone transfer of themselves. If they can’t even secure themselves how can they be expected to secure clients?
Whenever I am out on the street, abroad or at home, working or on holiday I always spot funny in-secure situations and take a photo if possible. Below are just four stories on the lines of outsourced shredders and there are many more stories on other topics including photos.
Story #1 outsourced on-site shredding into massive chunks
At a place I was working at in London they had 2-3 shredder bins on each floor and they were always locked though at times overflowing which meant you could pinch paper out of them. Every week or two a lorry would come along and a security guard would escort the driver to collect each shredder bin in the building and take it to the lorry in the gated car park. One day I asked facilities how does this work and they gave me the name of the company. It was a big company with ISO 27001, ISO 9001 and two other ISO’s related to environmental standards. Great I thought – not that I fully respect companies which are certified.
