Domain Transfer Zone Transfer

In a previous lecture, we explained that a Zone Transfer is the process by which nameservers synchronize data. In DNS, the leader-follower architecture means that the primary nameserver receives updated records in a hosted zone file and secondary nameservers replicate this data using various mechanisms.

In this article, we focus on domain transfers. A domain transfer can refer to:

  • Changing the registrar that manages your domain
  • Transferring the domain ownership (registrant)
  • Or, performing both actions simultaneously

For instance, consider KodeKloud.com, which is managed using Cloudflare nameservers. If Mumshad Mannambeth decides to retain ownership but move KodeKloud.com from Cloudflare to AWS Route 53, this is considered a registrar transfer. Conversely, if the ownership of the domain is being transferred to someone else, it would be described as a registrant transfer.

It is also possible to transfer both ownership and registrar simultaneously. Not every transfer is legitimate, however: a domain can also change hands as a result of malicious activity. Domain hijacking is a type of DNS attack in which an attacker attempts to take control of your domain by impersonating you, for example by sending fake emails on your behalf.

Warning

Domain hijacking is particularly dangerous because ICANN considers email an acceptable method for assessing the legitimacy of a domain transfer.

To defend against domain hijacking, consider implementing these measures:

  • Always keep your domain locked. Domain locking is a feature provided by most registrars (often enabled by default) that prevents unauthorized transfers.
  • Keep your SOA (Start of Authority) records updated.
  • Enable auto-renewal on your domain to prevent accidental expiration.
  • Use strong authentication methods wherever possible.

Note

Legitimate domain transfers are a standard part of domain management. However, if you suspect that your domain has been transferred without authorization, you can file a dispute with ICANN to investigate the issue and potentially reverse the transfer.
