Take care of your DNS server's zone transfer settings, if anyone are allowed to trigger a AXFR (Asynchronous Full Transfer Zone) this could be used by attackers to get information about any subdomains, aliases, MX hosts etc.. compilenix.org was affacted too, until now :(
You can test if your domain(-server) are configured correctly
DOMAIN="YOURDOMAIN.TLD" dig NS $DOMAIN +short | sed -e "s/\.$//g" | while read nameserver; do echo "Testing $DOMAIN @ $nameserver"; dig AXFR $DOMAIN "@$nameserver"; done
There should be something like:
Testing compilenix.org @ ns1.compilenix.org ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> AXFR compilenix.org @ns1.compilenix.org ;; global options: +cmd ; Transfer failed. Testing compilenix.org @ ns2.compilenix.org ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> AXFR compilenix.org @ns2.compilenix.org ;; global options: +cmd ; Transfer failed.
Find here, more details of the feature you will: rfc 5936
Ref's:
heise.de
internetwache.org
With you, may the force be.