Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Why is RFC1918 space in public DNS evil?

  • From: Roland Dobbins
  • Date: Mon Sep 18 15:23:09 2006
  • Authentication-results: sj-dkim-8.cisco.com; header.From=rdobbins@cisco.com; dkim=pass (sig from cisco.com verified; );
  • Dkim-signature: a=rsa-sha1; q=dns; l=657; t=1158607022; x=1159471022;c=relaxed/relaxed; s=sjdkim8002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version;d=cisco.com; i=rdobbins@cisco.com; z=From:Roland=20Dobbins=20<rdobbins@cisco.com>|Subject:Re=3A=20Why=20is=20RFC1918=20space=20in=20public=20DNS=20evil?;X=v=3Dcisco.com=3B=20h=3DPneFeU9yCD4NYnx8nkFoxFJD7Nc=3D; b=oGagHcYxrZrB20J3lc5QdrmFlvZilcO8PWUZSG8vFDsanD1PBKj2Vwj7oFp6QthAysCnzr7EDlKugzBIdAdR4MpDpfsOa5Y0ILZv1eBtiY9otmqz53LZS9npnjaRdY1+;


On Sep 18, 2006, at 12:12 PM, Elijah Savage wrote:

I've been directed to put all of the internal hosts and such into the public
DNS zone for a client.
Another option is split-horizon DNS for the internal stuff, if it never needs to be publicly visible.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@cisco.com> // 408.527.6376 voice

Any information security mechanism, process, or procedure which can
be consistently defeated by the successful application of a single
class of attacks must be considered fatally flawed.

-- The Lucy Van Pelt Principle of Secure Systems Design





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.