Yes - absolutely. In a zone like .com with 30 million entries, and most english words, the zone file is not that useful but in a zone of 160,000 it makes life a lot easier for scammers. DOF
-----Original Message----- From: Juha Saarinen [mailto:juha(a)saarinen.org] Sent: Wednesday, 29 September 2004 12:52 p.m. To: NZ NOG Cc: David Farrar Subject: Re: [nznog] ns1,2,3,5.dns.net.nz hot being helpful
Juha Saarinen wrote:
David Farrar wrote:
Scammers have told us that they use zone files for their scams. This is not hypothethical - this has happened with the .nz zone before it was restricted. And those scammers actually went and defrauded .nz registrants out of hundreds of thousands of dollars by using the zone file to get the whois data (and yes there is significant rate limiting technology used on the whois, but there are also scammers who use thousands of zombie machines to not trigger the restrictions, even if it takes them a couple of months). The scammers have actually said that the zone file data is very useful to them, because otherwise they need to do dictionary attacks on the whois, and they are much much easier to guard against.
You mean the scammers compiled a list of .nz domains from zone transfers, and then used them for whois queries?
-- Juha