ICANN/DNSO
DNSO Mailling lists archives

[ga-full]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [ga] Alt.root'ers resorting to spam?


BTW, your quoting mechanism sux. Please use something besides vi, as a
mailreader.

|> From: steinle@smartvia.de [mailto:steinle@smartvia.de]
|> Sent: Wednesday, December 12, 2001 12:39 PM
|> 
|> Btw. if you would run only one windows pc you could 
|> download the NameSlinger plug-in here: 
|> http://www.nameslinger.com/dnsupgrade.html. But I 
|> think you would rather download it from pacificroot: 
|> http://www.pacificroot.com/updatedns.shtml 
|> It's the same plug-in.

And how does this help MHSC, or its clients, resolve internal TLDs? We have
many of them, for internal security purposes. That is the problem with the
whole concept of these plug-ins. They assume that internal LAN and external
internet are the same thing. Many workstations, in business environments,
resolve internal roots and only get out via proxy servers. These plug-ins
actually create security holes. The same ones created by referencing the DOC
legacy root servers directly. This is why these business have their own
internal roots, behind firewalls and on internal LANs, in a fully
distributed architecture, in the first place. The demarc-point is the
external firewall. Many (all telcos) even have layers of internal firewalls,
like an onion. For references, see Jefsey's latest messages. He's got it
right. Some of them even use RFC1918 addresses, internally.

--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>