Reverse lookups not working when Internet connection failed.
Grant Taylor
gtaylor at tnetconsulting.net
Mon Nov 7 03:08:40 UTC 2022
On 11/6/22 11:12 AM, Carl Byington via bind-users wrote:
> or use $clientname.66.136.193.in-addr.arpa. as the intermediate zone
> which has a slight advantage when the same client has multiple disjoint
> parts of the same /24.
I find that $CLIENTNAME or some other stand in for the client is a
potential for information lek.
There is nothing inherent in the CNAME to non-identifying RNAMEs that
leaks any client identifying information.
Conversely the client is in charge of what information they put in the
sub-zone, so it's not the ISP leaking client identifying information.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20221106/782f913a/attachment.bin>
More information about the bind-users
mailing list