Just noticed that somewhere along the line during this debate,
"Firewalls-Owner" got substituted for "Firewalls", and most of you haven't
been seeing this exchange. I'll ferret out the other messages that got
sent to the wrong address, and forward them.
-Brent
--
Brent Chapman Great Circle Associates
Brent @
GreatCircle .
COM 1057 West Dana Street
+1 415 962 0841 Mountain View, CA 94041
------- Forwarded Message
Return-Path: brent @
GreatCircle .
COM
Return-Path: <brent @
GreatCircle .
COM>
Received: from localhost by mycroft.GreatCircle.COM (4.1/SMI-4.1/Brent-921015)
id AA05506; Thu, 20 May 93 10:09:41 PDT
Message-Id: <9305201709 .
AA05506 @
mycroft .
GreatCircle .
COM>
To: rmdupont @
irsc .
gmeds .
com (R. Michael Dupont)
Cc: tkevans @
eplrx7 .
es .
duPont .
com, Firewalls-Owner @
GreatCircle .
COM
Subject: Re: DNS in Firewalled Environment
In-Reply-To: Your message of Thu, 20 May 93 10:11:13 EST
Date: Thu, 20 May 93 10:09:40 -0700
From: Brent Chapman <brent @
GreatCircle .
COM>
Regarding the suggestion of using a bogus domain name as a way of
ensuring that outsiders can't get at your DNS data...
Don't.
Everybody who does that (or similar things, like inventing IP
addresses out of the blue, rather than registering them) because
"WE'll never connect to the Internet" has come to regret it, and it's
a major project to fix it a couple of years down the road.
You might as well do things "right", right from the start. It will
save you untold time and trouble later.
There are other ways to hide your internal DNS data from prying eyes, one
of which I've described before and will again shortly in a separate message.
- -Brent
- --
Brent Chapman Great Circle Associates
Brent @
GreatCircle .
COM 1057 West Dana Street
+1 415 962 0841 Mountain View, CA 94041
------- End of Forwarded Message
|
|
