Anton Rager wrote this...
> Hello All,
> Are there potential or known problems with running a DNS server on a
> firewall?? [FWTK or Firewall-1 to be more specific]. I have read
> about many evil things with NIS/NIS+, but have not found any DNS
> based comprimises. I need to maintain my own Internet domain and
> alias DNS tables, but will not have any internal names available to
> the firewall DNS system. Should I install a seperate system with
> the Internet DNS Master and cache DNS on the firewall, or just use
> my firewall for Internet master??
if you have heard any evil things about NIS+ i'd like to hear it. NIS+
is far removed from NIS, and last time i checked it was more rock
solid than either NIS or DNS, far more secure... so secure in fact
that if you misconfigure it you cant get your data back!! :)
to set up internal host lookups (for just inside a company), NIS+ is
far more secure than DNS. but unfortunately it lacks some of the
functionality of DNS.
NIS on the other hand is as secure as a slice of soggy bread.
Matthew Keenan Data Network Admin Information Technology Division
University of Technology Sydney Australia
It's nice to be in a position where people apologize because they
assume there's humor in your work, based on past experience,
but they're not sure where it is. -- Rob Pike