Accessing windows 2000 dns through linux - Security



  1. Accessing windows 2000 dns through linux

    Hi folks,

    In my company we had one Windows 2000 domain called kochi.example.com
    (private DNS) and one Redhat Linux proxy server (for internet).

    Now the squid is working fine. We are able to access the internet.

    In an Internet client machine,

    But if we want to access the intranet access sites (for example
    mumbai.example.com, madras.example.com), we have to include the entries
    in Internet Explorer - Tools - Internet settings - LAN Settings - Do not
    use the proxy server for local address - In the exceptions tab we have to
    specify *.example.com.

    In an intranet client machine,

    We can access intranet access perfectly by giving the DNS IP without proxy.


    Now the management team wants to do this...

    All requests to both internet (www.yahoo.com) sites and intranet
    (kerala.example.com) sites go through the proxy. If it is an intranet
    site, it should be redirected to the Windows 2000 domain (for
    resolving). Internet sites should go through the proxy as is.

    For that I made entries in the proxy server's /etc/resolv.conf:

    my private dns ip
    my public dns ip

    Now internet is not working, because all requests go through the private
    DNS IP.

    Precisely, they want to eliminate the settings (Do not use the proxy
    server for local address - In the exceptions tab we have to specify
    *.example.com). They only want to specify the proxy IP address and
    its port (for local intranet, specifying the DNS server IP).


    What Should I do ?


  2. Re: Accessing windows 2000 dns through linux


    pandi wrote:

    > Now internet is not working, because all requests go through the private
    > DNS IP.
    >
    > Precisely, they want to eliminate the settings (Do not use the proxy
    > server for local address - In the exceptions tab we have to specify
    > *.example.com). They only want to specify the proxy IP address and
    > its port (for local intranet, specifying the DNS server IP).
    >
    >
    > What Should I do ?


    Assuming your proxy's DNS service still does return IPs for names when
    asked, can you set up the Windows DNS server to use the proxy's DNS as a
    forwarder? Sounds like resolv.conf only affects the host OS usage of
    DNS when it needs info, but not the actual running of DNS zones.

    You may be better off setting up Split-DNS on your proxy server. The
    BIND documentation at www.isc.org has this described; get the source
    code, and find the Bv9ARM.pdf. This way, if you have the proxy use
    itself as a DNS resolver, and host the internal names/IPs on it - yet
    restrict who can get at this information (only 127.0.0.1 or internal
    IPs), then you have some level of safety in not exposing your world to
    ours.

    -Gary
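
A sketch of the restricted resolver described in the reply above, added here as an example and not taken from the thread or from the BIND manual. It is a variant: instead of hosting a copy of the internal zone on the proxy, it forwards example.com queries to the Windows DNS server. Every address is a placeholder from a documentation range, and the view and ACL names are made up for illustration.

```conf
// named.conf on the proxy (constructed example, addresses are placeholders)
acl "trusted" {
    127.0.0.1;              // the proxy itself, i.e. Squid's own lookups
    192.0.2.0/24;           // assumed internal LAN range
};

options {
    // answer only on loopback and the (assumed) internal interface
    listen-on { 127.0.0.1; 192.0.2.10; };
};

view "internal" {
    match-clients { "trusted"; };
    recursion yes;          // Internet names are resolved normally

    zone "example.com" {
        type forward;
        forward only;       // never ask public servers about example.com
        forwarders { 192.0.2.53; };   // assumed Windows 2000 DNS address
    };
};

view "external" {
    match-clients { any; }; // everyone not matched by the view above
    recursion no;           // no zones here, so internal names are not served
};
```

With this in place the proxy's /etc/resolv.conf lists only `nameserver 127.0.0.1`, so one resolver decides per name where to ask rather than relying on the order of two nameserver lines.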

