Re: DNS question

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Previous message: rbarrow@membank.com: "Subscribe"
• Next message: Kurt Schafer: "Re: Accounting problem"
• Maybe in reply to: Carlo Gibertini: "DNS question"
• Next in thread: Carlo Gibertini: "Re: DNS question"

ie, if you have a zone file that looks like this

www.domain.com IN A 192.168.0.1
ftp.domain.com IN A 192.168.0.2
mail.domain.com IN A 192.168.0.3
topsecretmachine.domain.com IN A 192.168.0.4

you can set up your DNS server to resolve addresses that people ask for
(like www.domain.com) but to not let people actually download your entire
zone file. (and thereby be able to find out about the topsecretmachine)

If you run BIND on a unix host, grab the latest version and go through the
docs. If you run MS-DNS, I have no idea but I'm sure if the functionality
exists, it can't be too hard to find it. If you run a Cisco router, I think
you can implement some of this in access lists as well.

= K

-----Original Message-----
From: Carlo Gibertini <carlo@nw.com.br>
To: RadiusNT@iea-software.com <RadiusNT@iea-software.com>
Date: Saturday, March 14, 1998 8:25 AM
Subject: DNS question

>I have a doubt: How can I configure DNS so that it won't show address
>records to strangers outsiders of my network?
>
>I can do this ?
>
>Thanks,
>
>Carlo
>
>
>
> ----------------------------------------------------------
> RadiusNT Mailing List lists@iea-software.com
>
>

• Previous message: rbarrow@membank.com: "Subscribe"
• Next message: Kurt Schafer: "Re: Accounting problem"
• Maybe in reply to: Carlo Gibertini: "DNS question"
• Next in thread: Carlo Gibertini: "Re: DNS question"