> >> I'll reply with a quote from the BIND&  DNS book:
> >> It’s the difference between letting random folks call your company’s
> >> switchboard and ask for John Q. Cubicle’s phone number [versus] sending
> >> them a copy of your corporate phone directory.

> > That is a poor analogy.

imho it's perfect.

> On 2010-09-21 16:56, Phil Mayers wrote:
> > Do you have reverse DNS in .in-addr.arpa?

On 22.09.10 11:24, Niobos wrote:
> Yes

> > Have you timed how long an "nmap -sL yoursubnet/mask" takes? Because it
> > doesn't take very long for us, and we've got a lot of large subnets.

> A few seconds

and how long will it take for /48 (2^80 = 1208925819614629174706176) in ipv6
environment? :)

> > Attackers can gain a lot of info from this;
> Correct

at present, yes. with ipv6, they will rely much more on DNS or other public
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Emacs is a complicated operating system without good text editor.
bind-users mailing list

Reply via email to