Home page logo
/

basics logo Security Basics mailing list archives

RE: dotLocal Domain
From: "Pete.LeMay" <pete.lemay () whro org>
Date: Fri, 3 Apr 2009 12:40:16 -0400

The use of a .local is to keep internal DNS records from AD, etc from
being seen by the outside world without the use of multiple .com server.
You could use foo.com internally and externally on different DNS
servers, but updates would have to manually be done on both to keep
internal only records from being seen outside. This is more obfuscation
than security, but why tell people where you domain controllers etc
are...

You end up with a server for foo.com that has your website, mx, etc
records that everyone needs to see and a foo.local internally with all
your records that you only want seen from inside your network. 

Be careful with .local and integrating Macs into your network. There are
a couple changes for them to use a .local domain.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Haymi Rock
Sent: Tuesday, March 31, 2009 3:22 AM
To: security-basics
Subject: dotLocal Domain

Hi Guys,
I know my question is a so newbie question, but it's really confusing
me.
I don't understand the reason of using the dotLOCAL domain name
instead of dotCOM, beside I don't understand how the communication
occurs to and from the Internet to this kind of DomainName.

Your help is so much appreciated.
best regards,

Simon

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal
year? Check out the online information security courses available at
InfoSec Institute. More than a boring "talking head", train in our
virtual labs for a total hands-on training experience. Get the certs you
need: CEH, CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online information security 
courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total 
hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]