Why is RFC1918 space in public DNS evil?
Roland Dobbins
rdobbins at cisco.com
Mon Sep 18 19:17:01 UTC 2006
On Sep 18, 2006, at 12:12 PM, Elijah Savage wrote:
> I've been directed to put all of the internal hosts and such into
> the public
> DNS zone for a client.
Another option is split-horizon DNS for the internal stuff, if it
never needs to be publicly visible.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice
Any information security mechanism, process, or procedure which can
be consistently defeated by the successful application of a single
class of attacks must be considered fatally flawed.
-- The Lucy Van Pelt Principle of Secure Systems Design
More information about the NANOG
mailing list