AT&T Business DNS hosting

[jackadaniel at gmail.com (Jack Daniel)]

I don't have any information on this personally, but our friend Bob
has had experiences with AT&T DNS at his customers' sites.  He said
that he was able to confirm that they still had unpatched servers long
after other ISPs patched for the (you know who) bug.  (well into last
year)  Bob also informs me that their servers tend to be very slow,
especially in the SF bay area.  So, between Jason's discoveries and
what Bob tells me, I would have to agree that AT&T may not be a good
choice for your DNS host.  Great choice for your victims, however.

Jack


On Mon, Jan 11, 2010 at 5:38 PM, Jason Wood <tadaka at gmail.com> wrote:
> Hey all,
> I mentioned this in Twitter, but thought I'd bring it up here.? I was doing
> some looking at a few domains that we own decided to try doing a zone
> transfers of them.? The first zone I tried was hosted with GoDaddy and I
> didn't have high hopes for them.? I was pleasantly surprised to see that my
> zone transfer requests were denied.? Then I decided to check one hosted with
> AT&T.? Sure enough, they allow full zone transfers of anything they host.
>
> I talked to one of my co-workers and he confirmed that he had noticed this
> too and that attempts had already been made to get AT&T to fix this.? No
> success though.? Oddly enough, AT&T hosts *their* domains on different DNS
> servers which do NOT allow zone transfers.? Go figure...
>
> So this message has two purposes in it.? First, if you host your DNS with
> AT&T you might consider moving to someone else or (at a minimum) make sure
> that no internal IP addresses sneak into the public DNS hosting.? Second, I
> figured all you penetration testers might be interested in full maps of
> clients who use AT&T's DNS hosting.
>
> Have fun.
> Jason
>
> --
>
> irc: Tadaka
> Twitter: ?Jason_Wood
> jwnetworkconsulting.com