SOA and reverse map on same server....Security issues?
Brad Knowles
brad at stop.mail-abuse.org
Wed Jun 22 21:14:10 UTC 2005
At 8:04 PM +0000 2005-06-22, Mike Sponsler wrote:
> Are there any security issues (or overall advantages) to having an SOA
> server for a bunch of domains and a seperate server doing the reservse
> zone mapping? I know that its generally a good idea to seperate as
> man DNS functions as possible to make it more secure. But will
> placing the SOA and reverse mapping on different DNS servers really
> matter?
You need to separate authoritative from caching functions, but
beyond that you're not going to get any further additional security
benefits by separating forward from reverse DNS services.
Go ahead and put them both on the same server. You'll be fine.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the bind-users
mailing list