|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
DNS -vs- the firewall: security thoughts
Bennett Todd (bet
rahul.net)
Mon, 9 Mar 1998 03:51:00 -0800
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Bret Watson: "Re: DNS -vs- the firewall: security thoughts"
- Previous message: Joe Ippolito - President SVNPA: "Re: BorderManager vs MS Proxy 2 and Firewall-1"
- Next in thread: Bret Watson: "Re: DNS -vs- the firewall: security thoughts"
- Reply: Bret Watson: "Re: DNS -vs- the firewall: security thoughts"
- Reply: Paul D. Robertson: "Re: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito - President SVNPA: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito - President SVNPA: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Itai Dor-on: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito: "RE: DNS -vs- the firewall: security thoughts"
I'm currently contemplating a serious redesign, doing away with DNS from
the internet altogether. We use _nothing_ but non-transparent proxies on
the firewall, so I can't see any good reason why end-user workstations
should need to be able to resolve internet hostnames. I'd really love to
chop that off altogether; people are getting cleverer about using
bizarrely-corrupted DNS data to burgle systems.
-Bennett
- Next message: Bret Watson: "Re: DNS -vs- the firewall: security thoughts"
- Previous message: Joe Ippolito - President SVNPA: "Re: BorderManager vs MS Proxy 2 and Firewall-1"
- Next in thread: Bret Watson: "Re: DNS -vs- the firewall: security thoughts"
- Reply: Bret Watson: "Re: DNS -vs- the firewall: security thoughts"
- Reply: Paul D. Robertson: "Re: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito - President SVNPA: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito - President SVNPA: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Itai Dor-on: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito: "RE: DNS -vs- the firewall: security thoughts"
- Maybe reply: Joe Ippolito: "RE: DNS -vs- the firewall: security thoughts"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:10:40 CDT