Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Public DNS records pointing to internal hosts: good or bad idea?
New Posts  All Forums:Forum Nav:

Public DNS records pointing to internal hosts: good or bad idea? - Page 2

post #11 of 16
Quote:
Originally Posted by Shub View Post

To restate what I mentioned earlier, we do have internal DNS, but the devs can't update the records programmatically, whereas Amazon Route 53 allows that. They're creating Amazon EC2 instances left and right and don't want to have to bother me to add them in our internal DNS all the time.

Do you have to manage those cloud machines in any way? If so, they should be contacting you when a new machine is created, meaning they need you anyway.
Teh Gam3r
(18 items)
 
Home server
(13 items)
 
 
CPUMotherboardGraphicsRAM
Intel i7 4770 Gigabyte GA-Z87X-D3H Z87 RT Gigabyte GTX 1070 G1 G Skill Cheapo DDR3 1600 
Hard DriveHard DriveHard DriveOptical Drive
OCZ Solid 3 Seagate Crucial SSD LG Sata DVD-RW 
CoolingOSMonitorMonitor
Noctua NH-U9B Windows 10 Pro Cheap 2560x1440 knock off Samsung T240HD  
KeyboardPowerCaseMouse
Logitech G910 Corsair TX750 Cooler Master HAF 932 Logitech G502 
Mouse PadAudio
Steel Series QcK+ SteelSeries Siberia Elite Prism 
CPUMotherboardGraphicsRAM
AMD Phenom X4 9500 Asus M3N78 Pro On board Corsair XMS2 DDR2 800 
Hard DriveHard DriveHard DriveHard Drive
Western Digital Velociraptor Samsung Sata Hitatchi Samsung 
Optical DriveCoolingOSPower
Polaroid USB DVD ROM Thermaltake TR2-R1 CentOS6 x86_64 Ultra 600W 
Case
Ultra X-Blaster 
  hide details  
Reply
Teh Gam3r
(18 items)
 
Home server
(13 items)
 
 
CPUMotherboardGraphicsRAM
Intel i7 4770 Gigabyte GA-Z87X-D3H Z87 RT Gigabyte GTX 1070 G1 G Skill Cheapo DDR3 1600 
Hard DriveHard DriveHard DriveOptical Drive
OCZ Solid 3 Seagate Crucial SSD LG Sata DVD-RW 
CoolingOSMonitorMonitor
Noctua NH-U9B Windows 10 Pro Cheap 2560x1440 knock off Samsung T240HD  
KeyboardPowerCaseMouse
Logitech G910 Corsair TX750 Cooler Master HAF 932 Logitech G502 
Mouse PadAudio
Steel Series QcK+ SteelSeries Siberia Elite Prism 
CPUMotherboardGraphicsRAM
AMD Phenom X4 9500 Asus M3N78 Pro On board Corsair XMS2 DDR2 800 
Hard DriveHard DriveHard DriveHard Drive
Western Digital Velociraptor Samsung Sata Hitatchi Samsung 
Optical DriveCoolingOSPower
Polaroid USB DVD ROM Thermaltake TR2-R1 CentOS6 x86_64 Ultra 600W 
Case
Ultra X-Blaster 
  hide details  
Reply
post #12 of 16
Thread Starter 
No, I don't manage them. They're development instances that don't have a life expectancy much longer than a week on average.
post #13 of 16
Has anyone suggested the idea of implementing a VPN or an ACL?
post #14 of 16
Why would a virtual priovate netowork or a access control list (firewall rules) help o_O
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
post #15 of 16
Though a different server would be needed, you could restrict access to just amazon's API while putting it on a public address.
post #16 of 16
Quote:
Originally Posted by Ryanb213 View Post

Though a different server would be needed, you could restrict access to just amazon's API while putting it on a public address.

If I understand the OP correctly, the Amazons servers are on a public cloud but firewalled to only accept connections from the OP's companies IP range. The question the OP had was whether having the public DNS was a security issue because it exposes the use of their test/dev servers on Amazon's cloud. And the answer to that is: no - having test/dev servers on a public cloud is the security issue. firewalling access is the security fix.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Public DNS records pointing to internal hosts: good or bad idea?