It sounds like you are dealing with private address space and resolution
issues (possibly with some address translation going on somewhere)

Most organizations tend to resolve this issue (depending on thier firewall
product) via multiple DNS servers.

Internal machines use an internal DNS server, while another DNS server is
provided in the DMZ or outside a firewall or bastion host for the public.

> -----Original Message-----
> From: Sean Eby [mailto:spebyMINDSPRING.COM]
> Sent: Sunday, April 08, 2001 12:25 AM
> To: FOCUS-MSSECURITYFOCUS.COM
> Subject: Re: lmhostfile.txt
>
>
> What exactly are you trying to do??? What are you trying to
> accomplish by
> using the LMHOSTS or HOSTS files instead of a DMZ host? I am
> not sure what
> you are attempting...
>
> Sean
> ----- Original Message -----
> From: "Brian Scottberg" <bpscottILSTU.EDU>
> To: <FOCUS-MSSECURITYFOCUS.COM>
> Sent: Friday, April 06, 2001 8:36 AM
> Subject: lmhostfile.txt
>
>
> > Dear Microsoft Guru's
> > I have a question I am hoping someone could help me with.
> >
> > In order to avoid placing a private adress on a machine in
> our public DMZ,
> I am considering using a lmhost file instead. Does anybody
> know of any
> security risks involved with this move. It is my
> understanding that the
> Windows default is to check its local files first before
> trying to resolve
> an address elsewhere. If anyone has some answers or knows
> where I can find
> more info I would appreciate this greatly.
> >
> > FYI - I am about 2 months into my internship in a security
> department,
> this host file idea was brought to my attention a couple of
> days ago so if
> some info above doesn't quite fit tell me/ correct me, please
> >
> > Thanks for the help in advance...........
> > Brian Scottberg
> >
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]