Mailinglist Archive: opensuse-security (520 mails)
| < Previous | Next > |
Re[2]: [suse-security] NSCD
- From: Nix <suse@xxxxxxxxxxxxxxx>
- Date: Tue, 19 Dec 2000 10:51:25 +1100
- Message-id: <5.0.1.4.0.20001219104828.00af14e8@xxxxxxxxxxxxxxxxxxxx>
My initial thoughts were that web server logging could take advantage
of this. I.e. if a visitor downloads multiple pages from a server,
then the server needn't query the DNS server for each page to find out
the FQDN from the ip address. But I would have thought that any good
webserver would cache internally anyway ?!
I hope to hell that you don't log DNS names in you web server logs!!??!!
FYI, you should NEVER log dns names for anything. It slows you server
down to the speed of DNS replies, which is most definately a "bad idea" (tm)
I see it fairly often where clients with Gauntlet Firewalls have discovered the
"log DNS names" check box in the Firewall manager, then come complaining
that there is something wrong with their firewall, and that it's running horendously
slow...
-Nix
--
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
| < Previous | Next > |