"Bort, Paul" wrote:
> Having your own DNS server inside the network makes this a lot easier.
Paul,
thanks for the hint. But I refuse to set up a DNS server just for 5-10
computers that should never serve the Internet. That's the meaning of
/etc/hosts, isn't it? I still remember reading the DNS-How-To some years
ago, where the guy said that one must be crazy to want a DNS server in
his small, private network (or something like that, AFAIR). And he was
right.
Now, Sendmail talks about a "simpler" world, due to everybody having a
DNS server, be it for private or public use... It was Sendmail that
forced me to introduce ".". Then I had to change the .amandahosts file.
And I still don't know if this is the reason why netscape sometimes
takes a loooong time to "Connect to bacchus" (or is it just that I still
don't understand mod_perl ;-)). You see, netscape has to contact apache
here, because apache is a proxy, used (through mod_rewrite) to bann
banners...but apache is happier when I have "bacchus", instead of
"bacchus.". Go figure. And then you have /etc/nsswitch.conf...and
masquerading...
If you ask me, I find this an awful mess...
Of course, a DNS server would "simplify" things. But besides the
theoretical point of "Occam's razor" (what is simple?), we have all
these security announcements for bind, that make the blood chill, even
with the most nuclearly hardened packet filter...
--
Regards
Chris Karakas
Don´t waste your cpu time - crack rc5: http://www.distributed.net
