Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DNS Best Practices Question

from [tduffey] Network Security [Permanent Link]
Subject: Re: DNS Best Practices Question
Date: Mon, 22 Nov 2004 15:14:42 -0600 (CST) 
Hi Richard,


When a DNS request comes in we have it forward from internal interface to
external interface. The external DNS servers then sends the request to one
of three main DNS servers at our ISP

Well, yesterday all three of the DNS servers at our ISP had major issues
and it caused DNS related issues within the company. As a result several
discussions were held as to the industries Best Practice on this.


I am not necessarily representative of "the industries," but if I
understand your question correctly (You want to make sure your LAN can
always resolve names) then you should consider running a caching name
server inside you LAN, using something like djbdns:

http://cr.yp.to/djbdns/run-cache-x.html

It's small, fast, secure and easy to setup.  You could have as many of
these as you want although on our small network (50 workstations, 8
servers, 1 Internet connection) it has been sufficient to have only one. 
You could setup DHCP to make this the primary name server and then use
your ISP as secondaries, although your internal server should always work
unless your network is having connectivity issues or the root name servers
are experiencing difficulties, in which case we all have to sit back and
relax for a while.

Regards,

Tom Duffey
Homeboyz Interactive
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DNS Best Practices Question, Robert Hajime Lanning
Next by Date:  RE: New Firewall called Hotbrick LB2VPN, Eric McCarty
Previous by Thread:  Re: DNS Best Practices Question, Robert Hajime Lanning
Next by Thread:  Re: DNS Best Practices Question, sam
Indexes:  [Date] [Thread] [Top] [All Lists]