Thanks for all the responses, Seems like the unanimous response is for
firewalls to point to internal DNS servers for name resolution.
We had originally felt that pointing to external DNS would provide perhaps just
a little more isolation and help prevent topology mapping and discover
processes should we come under attack. I am now thinking that pointing to
internal DNS would not only address the reverse lookup issue, but also help
protect against a poisoned DNS for the internal domain. Anyone care to comment
on this?
Bill
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
