Is there a BIND V 8 that will run on NT Servers? Commercial Products?

Jim Reid jim at mpn.cp.philips.com
Wed Sep 15 18:15:49 UTC 1999


>>>>> "Karlis" == Karlis Peterson <kpeterson at erols.com> writes:

    Karlis> I am looking to dynamically update DNS with ppp
    Karlis> connections over a private framerelay network.  The users
    Karlis> who dial up are dynamically assigned IPs and I want to
    Karlis> automatically update DNS with it.

Be afraid, very afraid! If you allow Dynamic DNS update from these
(effectively) random IP addresses, you more or less give them
unrestrained write access to your DNS data. They can add, remove or
change any resource records in your domain they choose. Think about
it. And how can you be sure that those IP addresses haven't been
spoofed or that they've not been assigned to someone other than your
"trusted" users? You probably need secure dynamic DNS. This solves
the authentication problem but still isn't much help if your DNS
software on your trusted users systems decides it wants to zap your
zone's NS records or redirect your MX records.

    Karlis> I know Windows 2000 has DDNS capabilities, but I am
    Karlis> running a Win NT 4.0 Platform.

BIND 8.2.2 (due out real soon now) includes an NT port, though I have
no idea how well it works.


More information about the bind-users mailing list