DNS forwarding or sort of...
Kevin Darcy
kcd at daimlerchrysler.com
Wed Aug 16 21:23:15 UTC 2006
Srivatsa Srinivasan wrote:
> Hi
>
> I have a request do the below
>
> example.foo.com (internal domain - foo.com) forwards to www.google.com ?
>
> The reason why customer wants this is, so that he can avoid the proxy
> server prompting for a id/password.
>
> Questions
>
> 1. is it a common practice ?
> 2. Are there are any potential issues ?
>
Theoretically, you could "spoof" the proxy in this way, assuming you
controlled the DNS infrastructure that the proxy uses to resolve names.
However, it would require that the destination webserver be completely
oblivious to your trickery, and not care about what name is used to
access it. If the destination webserver does any kind of virtual
hosting, cookies, SSL, etc., then it's going to be sensitive to names
and this will most likely blow your scheme out of the water.
Wouldn't it be a whole lot simpler and more reliable to just configure
the proxy to not require authentication for particular sites, as Mark
Watts suggested?
- Kevin
More information about the bind-users
mailing list