Looking for pointers
Joseph S D Yao
jsdy at cospo.osis.gov
Wed Jul 12 16:17:42 UTC 2000
On Wed, Jul 12, 2000 at 03:06:00AM -0500, Scott Kindley wrote:
>
> Hello,
> I'm new to this list. I have been lurking for about 2 weeks now.
>
> I've read DNS and Bind 3rd edition and run bind-8.2.2_P5-1 from an RPM
> at www.moongroup.org on my Linux machine.
>
> I would like very much for someone to check out my configs as I'm
> getting some errors.
>
> Here is a preliminary question though.
>
> Isn't posting of the information in my zone files and such kinda risky?
> I mean isn't there a consequence to doing that?
>
> Scott
Yes, but very small. If you're not running with zone transfers
restricted, then there is NO additional risk to publishing your zone
files here. If you are restricting zone transfers, then publishing
here runs the extremely minor risk of someone getting a host name from
your DNS for use in some exploit - which they might well have guessed
anyway, or they might have experimented with the IP addresses. You run
the much greater certainty that any problem to be found in the zone
file will be found by the many people who have exhibited some degree of
clue here at some time or another.
One hint. If you have names like "really-crappy-firewall" in your zone
file, please change them in your REAL zone file. That kind of thing is
not useful to you, anyway. Change it to, say, the name of your
brother-in-law who forced you to use the really crappy firewall. THEN
send in the zone file, without such red flags. ;-)
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list