I, too, put the local name in the host table.  About the only thing I put 
in the host table.
Why is it not in the one Windows DNS you also have?  I would have thought 
that would have worked.

We do have some IBM i serving DNS.  And, yes, we are getting dinged on our 
audits.  Why?  Because IBM i reports it as running a really old version of 
bind.  Yes, the team at IBM i has patched most of the errors discovered 
since this level of bind but it still reports this old level of bind.  The 
problem is convincing the auditors that:
- Simply looking at DNS bind level is not sufficient.
- You have to show documentation that CVE such and such was resolved by 
fix such and such
- You have to show that the customer has this fix on.
And that is really tough to do from port scanning software that the 
auditors use.
Even if the auditors are a wholly owned subsidiary of IBM.

Ideally, the auditors would note that bind level such and such was 
supposed to address CVE such and such which states "this CVE says that an 
attack using ... is possible" and then the auditor would attempt that 
attack.  Of course, if that attack was "will cause an overload, death and 
destruction and a launch of every nuclear device on earth" you might play 
heck reading the result of the next audit.


Rob Berendt

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].