[92392] in North American Network Operators' Group
Re: Why is RFC1918 space in public DNS evil?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon Sep 18 14:22:10 2006
To: peter@peter-dambier.de
Cc: nanog@merit.edu
In-Reply-To: Your message of "Mon, 18 Sep 2006 17:57:43 +0200."
<450EC1F7.5070909@peter-dambier.de>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 18 Sep 2006 14:21:10 -0400
Errors-To: owner-nanog@merit.edu
--==_Exmh_1158603670_4168P
Content-Type: text/plain; charset=us-ascii
On Mon, 18 Sep 2006 17:57:43 +0200, Peter Dambier said:
> It can make sense:
>
> I am sending my mails mostly from lumbamba.peter-dambier.de (192.168.48.226)
> my router is krzach.peter-dambier.de (192.168.48.2)
> my mailer is echnaton.peter-dambier.de (192.168.48.228)
>
> My traceroute looks ok although some of the hosts are RFC1918
> If somebody looks into my email headers they find information that makes
> sense although they could not ping the hosts.
>
> As long as you do not allow AXFR, nobody can see the information about
> RFC1918 hosts. So there is no risk.
Unless of course you're leaking it in Received: headers..
Or DNS requests across the public Internet (remember, we *started* with the
question of having this stuff on a public-facing DNS server..)..
Or all the other myriad ways this stuff tends to leak out. AXFR is the *least*
of your problems.
--==_Exmh_1158603670_4168P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFFDuOWcC3lWbTT17ARAuH9AKCmY/X8NixCEtjKC6me588ULBL64gCeK/7J
ALWIW+FgeaB7MQSYCbDl/l0=
=6hZ+
-----END PGP SIGNATURE-----
--==_Exmh_1158603670_4168P--
