But Windows 2003 mentions there is no more security vulnerability for running DHCP on domain controller.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy David Sent: Tuesday, 29 July 2003 4:13 AM To: Exchange Discussions Subject: Re: DNS & DHCP Question http://support.microsoft.com/default.aspx?scid=kb;en-us;255134 ----- Original Message ----- From: "Dickenson, Steven" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, July 28, 2003 1:15 PM Subject: RE: DNS & DHCP Question > Can you provide more information, or point me in the direction of said > information, regarding this DHCP security vulnerability. > > Thanks, > Steven > --- > Steven Dickenson <[EMAIL PROTECTED]> > Network Administrator > The Key School, Annapolis Maryland > > -----Original Message----- > From: Ed Crowley [mailto:[EMAIL PROTECTED] > Sent: Monday, July 28, 2003 10:45 AM > To: Exchange Discussions > Subject: RE: DNS & DHCP Question > > > There's a security hole in running DHCP on a domain controller in that it > can easily take over name registrations. It's best to run DHCP on a member > server. I believe that DNS is best run in Active Directory Integrated mode > on every domain controller. In Windows 2003, DNS is improved to repliacte > DNS to all domain controllers in a forest instead of within a domain. > > Ed Crowley MCSE+Internet MVP > Freelance E-Mail Philosopher > Protecting the world from PSTs and Bricked Backups!T > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Bridges, Samantha > Sent: Monday, July 28, 2003 5:59 AM > To: Exchange Discussions > Subject: DNS & DHCP Question > > Is it not recommended to run DHCP and DNS services on the Root server in a > Windows AD setup? I will be upgrading our domain to AD next week and wonder > if I should setup another server or two for the DCHP services and DNS > services. > > What should the root server be capable of handling? Should it be just a > root server and that's it? > > What are your thoughts on where to "put" these services. > > Thanks forum! > > Samantha > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&; lang > =english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&; lang > =english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&; lang=english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.505 / Virus Database: 302 - Release Date: 30/07/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.505 / Virus Database: 302 - Release Date: 30/07/2003 _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
