localhoast A record?
Kevin Darcy
kcd at chrysler.com
Fri Mar 21 15:55:21 UTC 2014
On 3/21/2014 9:03 AM, Casey Deccio wrote:
> On Fri, Mar 21, 2014 at 8:50 AM, Mitchell Kuch <mitch at basejp.com
> <mailto:mitch at basejp.com>> wrote:
>
> Hello -
>
> I've adopted a number of zones and most of them contain "localhost in
> a 127.0.0.1" records. I'm curious what current RFC standards state and
> what the community considers best practice. RFC1537 states that zones
> should contain a localhost record, but it seems that practice was
> obsoleted by RFC1912. Is anyone aware of negative consequences with
> leaving such records in place, perhaps a XSS vulnerability?
>
> I'm itching to remove the records but thought I'd check to see if
> there was a legacy use case.
>
>
> I would take a look at the query logs for the zones in question. You
> might be surprised at how many queries are being made by systems that
> are applying a suffix from the search list because of the lack of of
> an entry for localhost in the hosts file or the mishandling thereof.
>
I wouldn't be surprised by any quantity or variety of harebrained
queries that clients make, but that doesn't mean I'm going to add
entries for all that garbage in an attempt to make those clients
"happier". As far as I'm concerned, "localhost" falls into the same
"it's being looked up but shouldn't be" category, and I do not add it as
a matter of course.
- Kevin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140321/f4d9fc75/attachment.html>
More information about the bind-users
mailing list