Well today I decided to map out DNS services on Windows 2003. It is no surprise that nothing has changed except for the appearance of the DNS icon in the MMC.

The reason I posted this under the Microsoft Security Forum is because by default, the DNS server will supply zone transfers to anyone who asks. For those who don't understand the significance of this awful setting, it would be similar to asking an enemy commander for a map of each of his divisions on the battlefield and thier names and he gladly gives it up to you. Seriously though, once you dump a zone transfer, you have a buffet of targets and a wealth of information about the target network.

Thanks to Microsoft who has no doublt delivered on the promise of a much more security-oriented operating system out of the box.

Stay tuned, I have many more areas to poke around on the W2K3 platform.

--TH13