running w/ win2k as master and bind8 as slave (was win2k's dns)

Joseph S D Yao jsdy at cospo.osis.gov
Wed Sep 1 15:23:22 UTC 1999


steve rader grumbled:
>  > From: Joseph S D Yao
>  > Authorization, yes.  For audit, would it help if you had set:
>  > 
>  > 	logging {
>  > 		...
>  > 		category update { ... };
>  > 		category security { ... };
>  > 		category response-checks { ... };
>  > 		...
>  > 	};
>  > ?  [I have yet to check the code to see how much would be audited.]
> 
> Maybe I'm wrong--I don't run DDNS--but I'm pretty sure the above
> logging config would not leave an audit trail with login info,
> diff-like details and meta-comments (ala RCS, CVS or a change
> management system.)

Well, that's pretty obvious.  ;-(  And even if the dynamic update
stream DID contain all of those details, it could be faked unless there
were some kind of valid authentication stream all the way back to the
originator of the change [DHCP daemon? or just the notifying process?].
For that matter, it occurs to me that I can hand-create a valid-seeming
SCCS or RCS/CVS archive - I'm surprised that an audit expert would
admit that in evidence.  ;->

At least, this would provide you with an audit TRAIL.

Welll ... I just glanced at the code, and I'm no longer even sure of
that.  On the other hand, you may be able to use DNSSEC to provide
authentication of transactions.  If w2k uses that ... which I would
suspect that it doesn't ...

--
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
      This message is not an official statement of COSPO policies.
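An added example, not part of the original post or of BIND's own documentation: a named.conf fragment showing the defender-side half of what the thread is after. It routes the `update` and `security` categories to a dedicated, timestamped log file and accepts dynamic updates only when they are signed with a TSIG key, so every logged update carries the name of the key that authorised it rather than just a source address that could be spoofed. BIND 9 syntax is assumed (the post is about BIND 8); the zone name, file paths and key name are placeholders, and the secret must be generated with tsig-keygen rather than copied from here.

```conf
// Added example (not from the original post): audit logging for dynamic
// updates plus TSIG-authenticated updates. BIND 9 syntax assumed;
// zone, paths and key name are placeholders.

key "ddns-updater" {
    algorithm hmac-sha256;
    // PLACEHOLDER: replace with output of `tsig-keygen ddns-updater`
    // and keep named.conf unreadable to other users.
    secret "PLACEHOLDER_BASE64_SECRET==";
};

logging {
    // One channel just for update-related events, so the audit trail is
    // not mixed into the general server log and can be rotated separately.
    channel update_audit {
        file "/var/log/named/update.log" versions 10 size 20m;
        severity info;
        print-time yes;
        print-category yes;
        print-severity yes;
    };
    // What was changed in which zone.
    category update          { update_audit; };
    // Which updates were approved or refused, and by which key/ACL.
    category update-security { update_audit; };
    // Other access-control decisions.
    category security        { update_audit; };
};

zone "example.com" {
    type master;
    file "example.com.zone";
    // Unsigned updates are refused (and logged under update-security);
    // signed ones are logged together with the key name.
    allow-update { key "ddns-updater"; };
};
```

What this does and does not give you: the log now records time, zone, the records added or deleted, and the key that signed the request, which is an attributable trail. It still does not record a human login name or a free-text change comment; the key identifies the updating process (for example a DHCP server), so the link from key to person or system has to be kept outside BIND.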
