by DmitriRavinoff 4363 days ago
Assuming you're doing split-horizon DNS, those records should be hidden from the outside. And the only way to detect the CNAMEs other than brute-force scanning of a DNS zone is to do a zone transfer. And you only have zone transfers allowed from other relevant DNS servers, right? And your monitoring software will catch a brute-force scan, right?

Remember that the reverse DNS always resolves to something like orange.example.com, which gives away no information at all.

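An added example, not code from the comment or from any project it mentions, of the monitoring check the first comment assumes: over a long window, flag any client that asks for many distinct names under the zone and gets mostly NXDOMAIN back, which is what a guessed-name crawl looks like even when it is paced slowly. The simplified log format, thresholds and sample entries are assumptions constructed for the example.

```python
"""Flag subdomain brute-forcing (name enumeration) against one DNS zone.

Constructed log format (an assumption, not BIND's native query log):
    <epoch_seconds> <client_ip> <qname> <rcode>
"""
from collections import defaultdict

# A long window catches slow crawls that a per-second rate limit would miss.
WINDOW_SECONDS = 3600
MIN_DISTINCT_NAMES = 20
MIN_NXDOMAIN_RATIO = 0.8


def parse_line(line):
    ts, client, qname, rcode = line.split()
    return int(ts), client, qname.lower().rstrip("."), rcode


def detect_enumeration(lines, zone, window=WINDOW_SECONDS,
                       min_names=MIN_DISTINCT_NAMES, min_ratio=MIN_NXDOMAIN_RATIO):
    """Return {client: (distinct_names, nxdomain_ratio)} for suspected scanners."""
    zone = zone.lower().rstrip(".")
    events = defaultdict(list)  # client -> [(ts, qname, rcode)] for names in `zone`
    for line in lines:
        ts, client, qname, rcode = parse_line(line)
        if qname == zone or qname.endswith("." + zone):
            events[client].append((ts, qname, rcode))
    flagged = {}
    for client, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):  # sliding window over this client's queries
            while evs[end][0] - evs[start][0] > window:
                start += 1
            window_evs = evs[start:end + 1]
            names = {q for _, q, _ in window_evs}
            nx_ratio = sum(rc == "NXDOMAIN" for _, _, rc in window_evs) / len(window_evs)
            if len(names) >= min_names and nx_ratio >= min_ratio:
                best = flagged.get(client, (0, 0.0))
                if len(names) > best[0]:  # keep the widest matching window
                    flagged[client] = (len(names), round(nx_ratio, 2))
    return flagged


# Constructed sample log (not a real capture): one client guesses 24 names two
# minutes apart plus one real hit; a normal client resolves the two published
# hosts repeatedly; one query for an unrelated zone is ignored.
_GUESSES = ["dev", "vpn", "test", "admin", "staging", "git", "db", "intranet",
            "jira", "wiki", "ftp", "backup", "api", "mx2", "ns3", "portal",
            "ldap", "proxy", "beta", "old", "monitor", "ci", "sso", "owa"]
SAMPLE_LOG = (
    [f"{i * 120} 198.51.100.7 {g}.example.com NXDOMAIN" for i, g in enumerate(_GUESSES)]
    + ["2900 198.51.100.7 www.example.com NOERROR", "100 203.0.113.5 example.org NXDOMAIN"]
    + [f"{i * 300} 192.0.2.10 {h}.example.com NOERROR" for i in range(12) for h in ("www", "mail")]
)
```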

Not if you don't control the DNS, and/or don't notice a crawl in the background network noise.