Finalmente, dopo MOLTO tempo dalla mia denuncia, i name server di ateneo sono stati configurati in modo da “impedire” le richieste di trasferimento di zona (axfr) provenienti da host non autorizzati. Ecco la prova:

nightfly@nightbox:~$ dig NS unirc.it

; <<>> DiG 9.7.0-P1 <<>> NS unirc.it
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19194
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;unirc.it.                      IN      NS

;; ANSWER SECTION:
unirc.it.               1799    IN      NS      ns1.garr.net.
unirc.it.               1799    IN      NS      csiins.unirc.it.

;; Query time: 58 msec
;; SERVER: 151.99.125.2#53(151.99.125.2)
;; WHEN: Sun Oct 16 13:32:06 2011
;; MSG SIZE  rcvd: 73

nightfly@nightbox:~$ dig @csiins.unirc.it unirc.it axfr

; <<>> DiG 9.7.0-P1 <<>> @csiins.unirc.it unirc.it axfr
; (1 server found)
;; global options: +cmd
; Transfer failed.
nightfly@navigare-server:~$ dig @ns1.garr.net unirc.it axfr

; <<>> DiG 9.7.0-P1 <<>> @ns1.garr.net unirc.it axfr
; (1 server found)
;; global options: +cmd
; Transfer failed.

Era ora…

A presto.