Bind8 Dynamic DNS How-To?
Jeff Newton
Jeff_Newton at pmc-sierra.com
Tue Jun 13 21:58:13 UTC 2000
It would seem to me that Win2K boxes aren't the problem here as any
other client with "permission" to send updates could stomp on any
DNS entry.
Is stronger-authenticated updates in the works for a future Bind
release?
Cheers,
> Jeff Newton wrote:
>
> > I've been using Bind 8.2.2 for a while now but I'd like to start
> > implementing the dynamic DNS features for our many DHCP Windoze
> > machines. Plus with Win2K fast approaching.....
>
> Prepare to be disappointed. From what I gather, there is no way for
> Win2K to make strongly-authenticated Dynamic Updates to BIND, and
> without proper authentication, not only is there the obvious
security
> risk, but there's really nothing to stop the Win2K boxes from
stomping
> on each other's records (since the server can't really tell one
client
> from another). Of course, Microsoft has this problem "solved", as
long
> as you use *their* servers for DNS instead of BIND. Yippee.
>
>
> - Kevin
>
>
----
Jeff Newton
Security Analyst
PMC-Sierra Inc.
More information about the bind-users
mailing list