I am seeing host records on my internal DNS server that have public IPs. Should that be allowed? They are not for any servers we access.
Asked
Active
Viewed 212 times
0
-
Probably not, but could you elaborate on what kind of DNS server you're running; exactly what hosts (belong to you, or unknown), and if anyone should be connecting *from* those IPs? – Chris S Jul 14 '10 at 19:03
-
Where exactly in the DNS server are you seeing these? – joeqwerty Jul 14 '10 at 21:07
1 Answers
0
Normally the internal server is configure to proxy to the Internet for external sites. It is normal for the internal server to provide public IPs. I assume you have determined these sites are being served up by requesting the site. In that case what you see is normal.
If your are using BIND, you can log all the requests that are being handled. This can show who is requesting which name, and how the request was answered. Secure your server so that it will not respond to queries from the Internet.
BillThor
- 27,737
- 3
- 37
- 69