[svlug] Bind Vulnerabilities

Rick Moen rick at linuxmafia.com
Sun Mar 25 08:49:01 PST 2001


begin  Drew Bertola quotation:

[BIND v. 9's "views" feature:]

> Seems like this is just the thing for my firewall/router/dns/webserver
> box.  I only have one static IP, so my internal network is all
> 192.168.x.y and I don't want my DNS server broadcasting what my
> internal stuff.  I guess from the outside, I'll offer a view of all
> public domain info, while from the inside, there'll be a view of both
> public and my private domains.  Cool.  All from one DNS box.

Oh, yes.  The work-around required with BIND 8 to accomplish the same 
thing is quite hideous, and this has been an eagerly anticpated feature,
for that reason.  There's even been a section in Craig Hunt's _DNS and
BIND_ book for years, talking about how it works and how handy it is,
but for the fact that it hasn't been actually implemented.

-- 
Cheers,                                      Right to keep and bear
Rick Moen                                  Haiku shall not be abridged
rick at linuxmafia.com                           Or denied.  So there.




More information about the svlug mailing list