On 22/09/10 4:14 AM, Doug Barton do...@dougbarton.us wrote:
On 9/21/2010 7:46 AM, Kalman Feher wrote:
It may well be analogous to that (though I disagree), but the quote does not
substantiate why knowing public information is bad. In the example above,
you've simply saved your switchboard
On 2010-09-21 16:46, Kalman Feher wrote:
If you don't
want someone to know it, don't make it public (at the very least).
I agree totally!
You'll have to accept that no matter what steps you take, your public
information will be available to those who wish to find it.
I agree.
But I'd argue
On 2010-09-21 16:56, Phil Mayers wrote:
On 21/09/10 14:43, Niobos wrote:
On 2010-09-21 15:32, Kalman Feher wrote:
On 21/09/10 8:43 AM, Niobosnio...@dest-unreach.be wrote:
I personally find protection against zone enumeration to be a false
sense of
security. If it's public people will find
I'll reply with a quote from the BIND DNS book:
It’s the difference between letting random folks call your company’s
switchboard and ask for John Q. Cubicle’s phone number [versus] sending
them a copy of your corporate phone directory.
That is a poor analogy.
imho it's perfect.
On
On 22/09/10 11:29 AM, Matus UHLAR - fantomas uh...@fantomas.sk wrote:
I'll reply with a quote from the BIND DNS book:
It¹s the difference
between letting random folks call your company¹s
switchboard and ask
for John Q. Cubicle¹s phone number [versus] sending
them a copy of
your
Thank you for the excellent advice!
On 2010-09-20 18:09, Kevin Oberman wrote:
I recommend anyone attempting to secure their DNS read the NIST Computer
Security Resource Center document SP800-81 Rev.1, Secure Domain Naming
System (DNS) Guide at:
On 21/09/10 8:43 AM, Niobos nio...@dest-unreach.be wrote:
Thank you for the excellent advice!
On 2010-09-20 18:09, Kevin Oberman wrote:
I recommend anyone attempting to secure their DNS read the NIST Computer
Security Resource Center document SP800-81 Rev.1, Secure Domain Naming
System
On 2010-09-21 15:32, Kalman Feher wrote:
On 21/09/10 8:43 AM, Niobos nio...@dest-unreach.be wrote:
I personally find protection against zone enumeration to be a false sense of
security. If it's public people will find it. Ask your self what it is that
you want publically accessible yet you
On 21/09/10 14:43, Niobos wrote:
On 2010-09-21 15:32, Kalman Feher wrote:
On 21/09/10 8:43 AM, Niobosnio...@dest-unreach.be wrote:
I personally find protection against zone enumeration to be a false sense of
security. If it's public people will find it. Ask your self what it is that
you want
On 9/21/2010 7:46 AM, Kalman Feher wrote:
It may well be analogous to that (though I disagree), but the quote does not
substantiate why knowing public information is bad. In the example above,
you've simply saved your switchboard and the caller some time. If you don't
want someone to know it,
On Sep 21, 2010, at 10:14 PM, Doug Barton wrote:
On 9/21/2010 7:46 AM, Kalman Feher wrote:
It may well be analogous to that (though I disagree), but the quote does not
substantiate why knowing public information is bad. In the example above,
you've simply saved your switchboard and the
Date: Mon, 20 Sep 2010 11:03:31 +0200
From: Kalman Feher kalman.fe...@melbourneit.com.au
Sender: bind-users-bounces+oberman=es@lists.isc.org
Apologies in advance for the longer than intended reply.
I've spent a lot of time reviewing documents regarding timing values and
they vary
On 20/09/10 6:09 PM, Kevin Oberman ober...@es.net wrote:
Date: Mon, 20 Sep 2010 11:03:31 +0200
From: Kalman Feher kalman.fe...@melbourneit.com.au
Sender: bind-users-bounces+oberman=es@lists.isc.org
Apologies in advance for the longer than intended reply.
I've spent a lot of time
Hi,
I'm playing around with the different timers of DNSSEC. Usually these
timers are a balance between a low overhead vs quick propagation:
* A high TTL gives more caching and thus less load on the authoritative
server; but it takes a long time for updates to propagate.
* A short RRSIG lifetime
14 matches
Mail list logo