[prev in list] [next in list] [prev in thread] [next in thread]
List: inet-access
Subject: Re: trusted DNS
From: Jason Philbrook <jp () saucer ! midcoast ! com>
Date: 2003-11-12 21:41:30
[Download RAW message or body]
I don't use hostnames or fqdn's in firewall rules. It could slow things
down a lot looking up hostnames as it checks rules. And it might stop
working at all if one of the hostnames's nameservers have some trouble.
> I've got a general security question for the list. When you're
> programming firewall rules, do you "hard code" with IP addresses, or do
> you use DNS entries?
> Followup: If you use DNS, what steps would be appropriate to ensure that a
> hacker does not change/usurp your DNS data and use it to effectively
> invalidate your firewall rules?
>
> Al Hopper Logical Approach Inc, Plano, TX. al@logical-approach.com
> Voice: 972-379-2133 Fax: 972-379-2134
> MicroSoft is a giant marketing machine, that just happens to also sell software.
>
> _______________________________________________
> "Eat sushi frequently". - Avi
> inet@inet-access.net is the human contact address.
> list@inet-access.net is the list posting address.
> See below URL for subscribe/unsubscribe and list options:
> http://inet-access.net/mailman/listinfo/list
--
/*
Jason Philbrook | Midcoast Internet Solutions - Internet Access,
KB1IOJ | Hosting, and TCP-IP Networks for Midcoast Maine
http://f64.nu/ | http://www.midcoast.com/
*/
_______________________________________________
"Eat sushi frequently". - Avi
inet@inet-access.net is the human contact address.
list@inet-access.net is the list posting address.
See below URL for subscribe/unsubscribe and list options:
http://inet-access.net/mailman/listinfo/list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic