"stealth master" DNS Security
Chris Dew
cmsdew at googlemail.com
Wed Mar 25 14:17:05 UTC 2009
IPSEC really isn't too onerous between machines with static IP
addresses.... just a thought.
2009/3/25 Ram Akuka <ramakuka at gmail.com>:
> 2009/3/25 Alan Clegg <Alan_Clegg at isc.org>:
>> Ram Akuka wrote:
>>
>>> Is there's any way I can encrypt the zone transfer date (without using
>>> any third-party encryption tool)?
>>
>> Why exactly do you want to do this?
>>
>> DNS data is NOT PROTECTED DATA.
>>
>> As long as queries and responses are permitted in the clear (which is
>> the way DNS works), you are only fooling yourself by doing all of this
>> "encryption".
>>
>> AlanC
>
> indeed this is not protected data , but i don't want to give to a
> potential intruder all the data of all my clients just by listening to
> my zone transfer data.
> but in the overall i agree the best way to do it is by securing my servers.
>
> thanks anyway ,
>
>
> Ram
>
>>
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
More information about the bind-users
mailing list