[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Best practice: DNS location
If you are running DNS on NT, don't make the NT box a member of your domain. -----Original Message----- From: Will Schwartz [mailto:[email protected]] Sent: Thursday, October 12, 2000 3:57 PM To: [email protected] Subject: RE: [FW1] Best practice: DNS location I would have your public DNS on a DMZ. I would house your private DNS on the LAN. The Public DNS should only contain the DNS records that you absolutely need to run, your internal DNS can have the rest. No one should connect to your internal DNS from the outside. You can setup a forwarding on your internal DNS to query your external DNS. I would never run DNS on a firewall, it is too insecure. One of the most common things to hack is DNS. I would dedicate a machine to it. HTH ~will -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Chinnery Paul Sent: Thursday, October 12, 2000 3:22 PM To: [email protected] Subject: [FW1] Best practice: DNS location Currently using FW 4.0 on an NT 4.0 network. Our ISP wants us to install our own DNS and use them as secondary. My question is where the DNS should be: should it be on our firewall server or on our internal network. We are using NAT. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|