Security Basics mailing list archives
RE: dotLocal Domain
From: "Pete.LeMay" <pete.lemay () whro org>
Date: Fri, 3 Apr 2009 12:40:16 -0400
The use of a .local is to keep internal DNS records from AD, etc from being seen by the outside world without the use of multiple .com server. You could use foo.com internally and externally on different DNS servers, but updates would have to manually be done on both to keep internal only records from being seen outside. This is more obfuscation than security, but why tell people where you domain controllers etc are... You end up with a server for foo.com that has your website, mx, etc records that everyone needs to see and a foo.local internally with all your records that you only want seen from inside your network. Be careful with .local and integrating Macs into your network. There are a couple changes for them to use a .local domain. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Haymi Rock Sent: Tuesday, March 31, 2009 3:22 AM To: security-basics Subject: dotLocal Domain Hi Guys, I know my question is a so newbie question, but it's really confusing me. I don't understand the reason of using the dotLOCAL domain name instead of dotCOM, beside I don't understand how the communication occurs to and from the Internet to this kind of DomainName. Your help is so much appreciated. best regards, Simon ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute No time or budget for traveling to a training course in this fiscal year? Check out the online information security courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM http://www.infosecinstitute.com/request_online_training.html ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute No time or budget for traveling to a training course in this fiscal year? Check out the online information security courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM http://www.infosecinstitute.com/request_online_training.html ------------------------------------------------------------------------
Current thread:
- dotLocal Domain Haymi Rock (Apr 02)
- RE: dotLocal Domain David Gillett (Apr 03)
- Re: dotLocal Domain Phil Bieber (Apr 03)
- Re: dotLocal Domain Ansgar Wiechers (Apr 03)
- RE: dotLocal Domain Pete.LeMay (Apr 03)
- <Possible follow-ups>
- dotLOCAL Domain Haymi Rock (Apr 02)
- Re: dotLOCAL Domain Srikanth Dabbiru (Apr 03)
- RE: dotLOCAL Domain Daniel A. O'Neal (Apr 03)
- Re: dotLOCAL Domain Ansgar Wiechers (Apr 06)
- Re: dotLOCAL Domain Srikanth Dabbiru (Apr 03)
- Re: RE: dotLOCAL Domain arjunvyavahare (Apr 06)