Do I need TSIG for zone transfer on an intranet env?

April xiaoxia2005a at yahoo.com
Thu Jun 29 01:15:31 UTC 2006


that's true .. however how many people in Securiy really know DNS?  ;-)

What I should ask probably is in general, should ACL or TSIG be
implemented in an intranet env?

Kevin Darcy wrote:
> April wrote:
> > is it too much?  ACL should do the job?
> >
> Perhaps you should ask such questions of your Chief Security Officer, or
> on a security-related list. Is source-address-based security sufficient
> on an intranet? How much security is enough security, and where does it
> cross the line into overkill?
>
>
>                         - Kevin



More information about the bind-users mailing list