Is it usual for DNS to be run on a firewall?
We will be using a dual homed firewall with FWTK installed.
The DNS could be run on the red net www. or ftp. (public) machine or on the other
Cisco 2514 Ethernet side which is connected directly to the firewall.
Is there a proxy service for DNS which could run on the firewall?
If the DNS could be compromised, then the firewall itself could be attacked.
If DNS ran on the www. ftp. (public) machine the Cisco could be configured to stop
attacks from the public access machine if this was compromised.
Would it be better to run split horizon DNS for internal and external
networks?
If a DNS machine could be cracked that contained all the network
information, surely this could cause a security scare!
Your comments please.
Jon
--
================================================================================
Jon Whitton. Internet Address: jonw @ mntcmp2 . demon . co . uk
================================================================================
--