[92394] in North American Network Operators' Group
Re: Why is RFC1918 space in public DNS evil?
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Mon Sep 18 15:21:49 2006
In-Reply-To: <12662763.1011158606737723.JavaMail.root@mail>
From: Roland Dobbins <rdobbins@cisco.com>
Date: Mon, 18 Sep 2006 12:17:01 -0700
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
On Sep 18, 2006, at 12:12 PM, Elijah Savage wrote:
> I've been directed to put all of the internal hosts and such into
> the public
> DNS zone for a client.
Another option is split-horizon DNS for the internal stuff, if it
never needs to be publicly visible.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@cisco.com> // 408.527.6376 voice
Any information security mechanism, process, or procedure which can
be consistently defeated by the successful application of a single
class of attacks must be considered fatally flawed.
-- The Lucy Van Pelt Principle of Secure Systems Design
