DNS and intranet security

Diego dcima at rete039.it
Tue Oct 19 09:44:06 UTC 1999


Barry Margolin wrote in message ...
>In article <GIcLOLVRw9Q7rhDCbWKgnB+mGQVQ at 4ax.com>,
>Mark Olbert  <mark at arcabama.com> wrote:
>>On 18 Oct 1999 09:58:33 -0700, "Diego" <dcima at rete039.it> wrote:
>>
>>>Scenario:
>>>One linux box (RH 6.0, Samba 2.0.3, Bind 8)
>>>two win98 clients
>>>
>>>This is my small intranet at home. The linux box acts as file server and
>>>gateway to the Internet for two Win98.
>>>I have set up bind 8 to have my own DNS (just for fun and because I need to
>>>point to different forwarders i.e. different ISPs).
>>>
>>A bit off topic, but you may need to run two different instances of
>>named, if you plan on using name to resolve your internal addresses
>>(if you just use hosts it's not an issue).
>
>That's only necessary if you're doing split DNS, where the machine is also
>a public DNS server.  But as he said later in his message, he doesn't allow
>DNS queries from the Internet, so it's obviously not a registered DNS
>server.
>
>--
>Barry Margolin, barmar at bbnplanet.com
>GTE Internetworking, Powered by BBN, Burlington, MA
>*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
>Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
>

No, actually I do not have (and don't plan to) a registered domain. I just
need named to access the internet, and to learn something new.
BTW could you tell me more precise information about "listen on"? I'm not a
Bind expert, and I'm not sure about the syntax. And more, if I listen only
to my loopback, can I still query root servers and/or forwarders?

One last question (might be out of topic...): I use nmap to check my linux
security. But when I scan myself (i.e. my own computer) I cannot check the
validity of my ipchains. I know I should do it from outside, but it's often
a problem doing that. Any suggestion?

Thanx
Diego



