Risk in adverting intranet on the Internet
Joseph S D Yao
jsdy at cospo.osis.gov
Thu Sep 14 16:42:38 UTC 2000
On Thu, Sep 14, 2000 at 12:52:20PM +0100, Quadri, Jay wrote:
> Do you see any major risk in advertising Internal names on the Internet DNS
> server. Remember that Company IP address is publicly available anyway (e.g.
> hp = 15.0.0.0).
Many companies do exactly what you propose. Many do not, for a variety
of reasons. One is to decrease their footprint, so as not to give any
advantages to hackers and crackers. Another is just to decrease
worldwide namespace pollution.
If there is a lack of skill world wide ... DNS is a fairly simple
skill. I guarantee that the so-called "firewalls", which are probably
just filtering routers, will not be able to keep out determined
hackers. Security requires a greater skill set. A firewall does not
provide security without company-wide security, including a security
policy, user education and acceptance, and other security checks. Many
have likened companies that put their trust entirely on firewalls to
those who lock the doors but leave their ground-floor windows wide open.
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list