[88006] in North American Network Operators' Group
Re: DNS Server domains was Re: GoDaddy.com shuts down entire data center?
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Tue Jan 17 11:31:23 2006
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Simon Waters <simonw@zynet.net>
Cc: nanog@nanog.org
In-Reply-To: (Your message of "Tue, 17 Jan 2006 09:13:46 GMT.")
<200601170913.46868.simonw@zynet.net>
Date: Tue, 17 Jan 2006 11:30:49 -0500
Errors-To: owner-nanog@merit.edu
In message <200601170913.46868.simonw@zynet.net>, Simon Waters writes:
>
>
>I think the general consensus in the DNS field is that for security reasons it
>is preferable to have as small a set of DNS servers (or perhaps as small as
>set of differently configured servers! Hmm physical security....) in the
>hierarchy above you as possible, since compromise of any of these could
>affect the results obtained for your domain.
>
See http://www.usenix.org/events/imc05/tech/ramasubramanian.html
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
