Am 29.11.2012 08:24, schrieb Andy Brody: >> don't get me wrong but a network without DNS is not a network >> your troubles are facing why >> >> DNS was developed decades ago to not distribute hostfiles >> and is not a security risk at all if it is not open on >> the WAN interface > > It really works just fine, with the possible exception of postfix. > This is an environment that stores sensitive information, so it's much > more important to prevent data exfiltration and to ensure the > authenticity of the IP addresses than it is to avoid using host files. > DNS was not designed with security in mind. (And many DNS servers have > a rather poor record when it comes to security.)
this maybe off-topic BUT where in the world is a security problem of a LOCAL DNS server controlled by yourself and how do you come to the conclusion that /etc/hosts is more secure?
signature.asc
Description: OpenPGP digital signature
