On Fri, Mar 21, 2014 at 8:50 AM, Mitchell Kuch <mi...@basejp.com> wrote:
> Hello - > > I've adopted a number of zones and most of them contain "localhost in > a 127.0.0.1" records. I'm curious what current RFC standards state and > what the community considers best practice. RFC1537 states that zones > should contain a localhost record, but it seems that practice was > obsoleted by RFC1912. Is anyone aware of negative consequences with > leaving such records in place, perhaps a XSS vulnerability? > > I'm itching to remove the records but thought I'd check to see if > there was a legacy use case. > > I would take a look at the query logs for the zones in question. You might be surprised at how many queries are being made by systems that are applying a suffix from the search list because of the lack of of an entry for localhost in the hosts file or the mishandling thereof. Casey
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
