|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Why is RFC1918 space in public DNS evil?
On Mon, 18 Sep 2006 17:57:43 +0200, Peter Dambier said: > It can make sense: > > I am sending my mails mostly from lumbamba.peter-dambier.de (192.168.48.226) > my router is krzach.peter-dambier.de (192.168.48.2) > my mailer is echnaton.peter-dambier.de (192.168.48.228) > > My traceroute looks ok although some of the hosts are RFC1918 > If somebody looks into my email headers they find information that makes > sense although they could not ping the hosts. > > As long as you do not allow AXFR, nobody can see the information about > RFC1918 hosts. So there is no risk. Unless of course you're leaking it in Received: headers.. Or DNS requests across the public Internet (remember, we *started* with the question of having this stuff on a public-facing DNS server..).. Or all the other myriad ways this stuff tends to leak out. AXFR is the *least* of your problems. Attachment:
pgp00012.pgp
|