Firewalls: Re: Obvious (?) problem with allowing DNS..

Firewalls
(December 1992)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Obvious (?) problem with allowing DNS..
From:	todd @ macsch . com (Todd Williams)
Date:	Tue, 22 Dec 92 16:00:24 PST
To:	firewalls @ GreatCircle . COM

At 11:56am on Tue Dec 22 1992, Donald R. Proctor <sybase!donp @
 Sun .
 COM> said:
> 
> The best approach is probably to set up an "internal" DNS domain and
> an "external" DNS domain.  The internal domain servers would talk to
> internal root servers, and the external domain servers would talk to
> the "real" root servers.
> Also, you may not have a need to advertise the name of every host on
> your network to the outside world.

This scenario was brought up in Rob Kolstad's DNS tutorial at LISA VI.
Somebody mentioned that Smoot Carl-Mitchell had made available the code
necessary to set this up, with the bastion host knowing both internal
and external DNS info, but not advertising the internal info to the world.

Does somebody have a pointer to this stuff, or Smoot's email address,
or any other info?

Todd Williams    UNIX Systems Coordinator     todd @
 macsch .
 com    (213) 259-4973
MacNeal-Schwendler Corp. ("MSC"),  815 Colorado Blvd.,  Los Angeles, CA   90041
   "Solaris 2.0 -- It's enough to make you leave the company." -Rob Kolstad

Indexed By Date	Previous:	Re: Obvious (?) problem with allowing DNS.. From: Donald R. Proctor (510/596-3828) <sybase!donp @ Sun . COM>
Indexed By Date	Next:	Proxy TCP & UDP w/ Normal Clients From: mischler @ norman . li . cubic . com (Dave Mischler)
Indexed By Thread	Previous:	Re: Obvious (?) problem with allowing DNS.. From: avalon @ coombs . anu . edu . au (Darren Reed)
Indexed By Thread	Next:	Proxy TCP & UDP w/ Normal Clients From: mischler @ norman . li . cubic . com (Dave Mischler)