Re: InterNIC Name Server is a slave server

To: Chris Wagner <wagnerc@plebeian.com>
Cc: t s a d i <ch4di@yahoo.com>, debian-isp@lists.debian.org
Subject: Re: InterNIC Name Server is a slave server
From: Robert Varga <robi@piros.zold.net>
Date: Wed, 8 Mar 2000 01:46:57 +0100 (CET)
Message-id: <Pine.LNX.3.96.1000308014223.5910A-100000@piros.zold.net>
In-reply-to: <20000307205607Z834748-8809+1168@mail.one.net>

On Tue, 7 Mar 2000, Chris Wagner wrote:

> At 02:20 AM 3/7/00 -0800, t s a d i wrote:
> >is, is it OK if the DNS server registered on InterNic as authoricative
> >is not a master but just a slave w/c depends on its data from an
> >external/different DNS server ?
> 
> As long as the servers listed by InterNIC give out correct DNS info, it
> shouldn't matter.  You might have some strange behaviour if something wants
> an authoritative answer but I doubt it.
> 

You have some mistaken opinion about DNS authority. A slave DNS server is
an authoritative DNS server. Only cached DNS data is not an authoritative
source of information.

IMHO best security for DNS services is to get their data from an
unpublished third DNS server, and publish two slave servers for the
registrar.

This way neither of the DNS servers can be bombarded with false update
requests forged to come from the master since the master should be unknown 
for outsiders. This way the slave DNS data cannot be poisoned.

Robert Varga

Reply to:

Follow-Ups:
- Re: InterNIC Name Server is a slave server
  - From: "Mailing List" <maillist@jasonlim.com>

References:
- Re: InterNIC Name Server is a slave server
  - From: wagnerc@plebeian.com (Chris Wagner)

Prev by Date: Re: InterNIC Name Server is a slave server
Next by Date: Re: InterNIC Name Server is a slave server
Previous by thread: Re: InterNIC Name Server is a slave server
Next by thread: Re: InterNIC Name Server is a slave server
Index(es):
- Date
- Thread