How is QID 15018 - DNS Zone Transfer detected?
The test for QID 15018 can be verified manually from a command line.
From a Windows command line, type the following commands and press Enter after each line:
nslookup server TARGET_DNS_SERVER_IP set type=any ls -d TARGET_DOMAIN
TARGET_DNS_SERVER_IP is the IP address of the DNS server that QID 15018 was posted on.
TARGET_DOMAIN is the domain that the DNS Zone Transfer is being attempted on.
From a Linux command line, type the following command:
dig @TARGET_DNS_SERVER_IP -t AXFR TARGET_DOMAIN
If the resulting output displays the zone information for the domain, the issue has been successfully reproduced.
Qualys Support KnowledgeBase