Separate zone files for each of the sub-domain
Brad Knowles
brad.knowles at skynet.be
Wed Jul 25 09:34:49 UTC 2001
At 2:04 PM -0700 7/25/01, Danie I. wrote:
> I WANT TO:
> 1) HIDE the list of all my subdomains. So any one, quering my
> domain.com should not get list of my subdomains.
For this, you are dependant on the operators of the nameservers
you are using. If the folks at GraniteCanyon or Nominum have
confgured their machines to disallow zone transfers except from
certain IP addresses, you are fine. Otherwise, you are screwed.
> 2) Maximum security wise, I can do.
List as relatively little information in the DNS that you can,
and then use TSIG and DNSSEC to cryptographically sign the
information that you have out there.
> 3) A future tip for a dynamicDNS type thing or any other way.
I'm not quite sure what you mean here. Could you elaborate?
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list