They don't have zone transfers turned off from their secondary DNS... interesting:

> ls -d quova.com

[AUTH50.NS.UU.NET]

$ORIGIN quova.com.

@ 1D IN SOA ns1 hostmaster (

2000062901 ; serial

1H ; refresh

15M ; retry

2W ; expiry

1D ) ; minimum

1D IN NS ns1

1D IN MX 10 mailhost

1D IN MX 20 imail

1D IN MX 30 mail.DIGIWEB.com.

1D IN A 208.37.145.34

pophost 1D IN A 208.37.145.37

cgi 1D IN A 206.161.225.46

fw 1D IN CNAME @

mailhost 1D IN A 208.37.145.36

mail 1D IN CNAME mailhost

www 1D IN A 205.177.226.233

chat 1D IN A 206.161.237.88

ns1 1D IN A 208.37.145.35

imail 1D IN A 207.226.255.43

ftp 1D IN A 64.41.164.58

@ 1D IN SOA ns1 hostmaster (

2000062901 ; serial

1H ; refresh

15M ; retry

2W ; expiry

1D ) ; minimum

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/56/2393#2393