[isalist] Re: OT: DNS and Forwarders

• From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Thu, 19 Oct 2006 17:22:25 -0400

http://www.ISAserver.org
-------------------------------------------------------

It won't make Thor happy, but it's not bad. Does the PIX have DNS server
or proxy? If so you could forward to it. I've only messed with the PIX
501 once and that was more than a year ago.

On the other topic: I've settled in on 3 ISA servers for that client. 2
at the main office and 1 at a remote site. Might need some more later
for other sites but this will get us off to a flying start. 

Amy 
 
   
 
 

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of ISA
Sent: Thursday, October 19, 2006 4:55 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] OT: DNS and Forwarders

http://www.ISAserver.org
-------------------------------------------------------
  

Thor / Amy: Thank you again.

The network is:
Windows 2003 DC/DNS > Pix501 > Internet

Very simple network, BUT a typical network for small businesses (that
being said you can replace the word pix with Sonicwall, linksys, etc).

For the Client's benefit to browse the internet, the typical config (for
me) is to configure the DC/DNS with forwarders pointing to the ISP's DNS
servers.

Is there a better config for this scenario above?


Joseph Danielsen, MCSA-Messaging, MCP

Network Blade Inc.

49 Marcy Street

Somerset, NJ 08873

732-213-0600

www.networkblade.com

 

 


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Amy Babinchak
Posted At: Thursday, October 19, 2006 4:47 PM
Posted To: ISA
Conversation: [isalist] OT: DNS and Forwarders
Subject: [isalist] Re: OT: DNS and Forwarders

http://www.ISAserver.org
-------------------------------------------------------
  
Joseph,

Are you saying that you need DNS functionality on a network without a
firewall? In that case you have no choice but the use the DNS server
provided by the ISP. You also have larger security concerns than DNS.

If what you are saying is you have a non-ISA non-SBS environment with a
firewall appliance you can usually use this appliance as the DNS server
for your workstations provided you buy one in the $200+ range. If you go
with the $50 model, when then you're in the same spot as paragraph 1.

Amy 
 
   
 
 
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of ISA
Sent: Thursday, October 19, 2006 11:54 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] OT: DNS and Forwarders

http://www.ISAserver.org
-------------------------------------------------------
  
Thor - a most excellent passage of DNS and network security. 

Unfortunately, I usually run into the typical client (as was this case)
that only has one server, one gateway (pikes, conicwell etc) and a few
clients.

ISA, DMZ and hosting of anything themselves is out of the question
(except that which is offered by SBS 2003).


The fundamental question is how to best configure the network to allow
the clients and server to resolve internet names (where ISA/DMZ are not
present). I would assume that your clients are pointing to the DC/DNS
server!?! From there, there are a few options: Configure DNS server to
forward / not forward, configure it's NIC with for the ISP DNS server IP
etc.

Actually I suppose this question/scenario might not be best addressed
from this list; since this list is dedicated to ISA which is an
enterprise product not represented well in the SMALL small business
market.

Thanks again for the DNS brief - that'll be another one that I'll
archive for my records.

Joseph Danielsen, MCSA-Messaging, MCP

Network Blade Inc.

49 Marcy Street

Somerset, NJ 08873

732-213-0600

www.networkblade.com

 

 


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Thor (Hammer of God)
Posted At: Wednesday, October 18, 2006 11:50 PM
Posted To: ISA
Conversation: [isalist] Re: OT: DNS and Forwarders
Subject: [isalist] Re: OT: DNS and Forwarders

http://www.ISAserver.org
-------------------------------------------------------
  
I've found that many people seem to dance over the security
ramifications of
DNS/forwarders when designing an infrastructure.  I had some off-list
conversations about this, and thought that it may be valuable to fully
flesh-out what I think the issues are and how to avoid them.  Now's also
probably a good time to share my "trick" regarding publicly available
DNS
and minimizing service exposure.  So, for the benefit of those who are
interested:

When AD DNS is configured as a forwarder, all domain members using that
DNS
server will be able to resolve hostnames directly from their IP stack.
There is no operational reason to have this-- when one considers that
most
spyware/malware/trojans/backdoors/shells/etc typically depend on
hostname
lookups for direct access to a resource, the capability of a client box
to
perform direct host lookups outside your network should (to me) be
considered unwanted and un-needed.  Personally, I qualify it as
"dangerous."

That's why I always configure my AD DNS with a root (.) zone- that way,
only
local zones may be queried by the client's stack.  I typically only use
web
proxy clients for HTTP(S)/FTP where all DNS is proxied by the ISA box.
If
one needs direct DNS for another application (say DOS FTP) then use the
FWC
and all DNS will be resolved over the control channel, still being
proxied
by the ISA server.

The ISA server itself will have whatever "public" DNS server configured
in
its stack so that it can do the resolution for the clients.

Not only is direct client DNS "dangerous," but having an AD box set up
as a
forwarder is "dangerous" as well as the box must be configured to access
a
remote resource over TCP/UDP 53.  This also means that you've opened
that
box up for incoming traffic on TCP/UDP 53 as well.  Having static paths
into
your internal network from source port routing is crazy.  I can push
anything I want over 53, not just DNS (and have ;).  Remember, the DNS
filter is only for published DNS servers, not clients requesting DNS
lookups.

But there is the issue of one wanting complete control over host names
and
the need to publish your own DNS.  This is what the DMZ is for.  The DMZ
box
is set as a forwarding server, and the internal ISA box is set to use
that
box for all DNS requests.  In this way, only the ISA box itself need to
request DNS outside the internal network, and it is already protected.
In
this manner, there is no DNS leaving the internal network at all, and no
static ports into the internal network-- only the ISA box looking up
DNS,
and only to that DMZ resource.  The DNS server in the DMZ is protected
by
the border ISA box, which (where necessary) is publishing DNS to the DMZ
for
remote hosts to look up your domain information.  And here the DNS
filter is
used.

But you can get even better than that-- you can actually be fully in
control
of your own zone data without having to actually publish your DNS to the
world if you have a decent ISP.

Here's what I do for that-- I have DMZ DNS servers set up as primary DNS
zones, and have told my ISP to set up their servers as secondary zones
for
my domains.  The DMZ box can only zone transfer to the IP's of my ISP's
DNS
servers.  Additionally the DMZ box is set to forward to my ISP's cache
servers.  So, at this point, all internal AD DNS is stopped at the
controller, and only the ISA box can resolve DNS and only to the DMZ DNS
server.  My internal Exchange clusters' stack resolves to the AD
controller,
and they smart host deliver mail to my DMZ GFI gateway, so still no DNS
leaving.  The GFI box in the DMZ uses the DMZ DNS.

The trick is that though I'm primary DNS, and though any changes I make
to
my DNS hosts are immediately replicated to my ISP as secondary DNS, I've
registered my DNS with the domain registry as my *ISP* being primary.
So
the world resolves my host names via my *ISP's* DNS servers, not *mine*.
I
don't even have to publish DNS at all.

The end result is that no DNS requests leave my internal network at all,
except for a single DNS box in the DMZ that can only resolve to the ISP
DNS
caches.  There is no publishing at all, no internal paths, no vulns,
nothing
at all since the world resolves to the ISP boxes yet I have full control
over all host name entries.

It's a pretty tight config.

t



On 10/18/06 11:01 AM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> spoketh
to
all:

> http://www.ISAserver.org
> -------------------------------------------------------
> 
> The T-Man is definitely right about this.
> 
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://blogs.isaserver.org/shinder/
> Book: http://tinyurl.com/3xqb7
> MVP -- Microsoft Firewalls (ISA)
> 
>  
> 
>> -----Original Message-----
>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor
>> (Hammer of God)
>> Sent: Wednesday, October 18, 2006 12:52 PM
>> To: isalist@xxxxxxxxxxxxx
>> Subject: [isalist] Re: OT: DNS and Forwarders
>> 
>> http://www.ISAserver.org
>> -------------------------------------------------------
>>   
>> Why do your internal clients need to resolve DNS directly?  I
>> never ever use
>> forwarders on my AD boxes.  I always create root zones on my
>> AD DNS servers
>> and only use ISA to resolve DNS for web proxy/fw clients.
>> 
>> That's where what I consider "true" security and separation
>> comes from.
>> 
>> t
>> 
>> 
>> On 10/18/06 9:13 AM, "ISA" <ISA@xxxxxxxxxxxxxxxx> spoketh to all:
>> 
>>> http://www.ISAserver.org
>>> -------------------------------------------------------
>>> 
>>> 
>>> This actually has happened with and without forwarders -
>>> 
>>> Steve, I interpret your suggestion as using only the Root Hints?
>>> 
>>>  
>>> 
>>> Joseph Danielsen, MCSA-Messaging, MCP
>>> 
>>> Network Blade Inc.
>>> 
>>> 49 Marcy Street
>>> 
>>> Somerset, NJ 08873
>>> 
>>> 732-213-0600
>>> 
>>> www.networkblade.com
>>> 
>>>  
>>> 
>>>  
>>> 
>>> 
>>> -----Original Message-----
>>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx]
>>> On Behalf Of Steve Moffat
>>> Posted At: Wednesday, October 18, 2006 12:08 PM
>>> Posted To: ISA
>>> Conversation: [isalist] Re: OT: DNS and Forwarders
>>> Subject: [isalist] Re: OT: DNS and Forwarders
>>> 
>>> http://www.ISAserver.org
>>> -------------------------------------------------------
>>>   
>>> FWIW.....I have 2 caching only DNS Servers that I setup to use as
>>> forwarders for my AD DNS Servers, when I use them, I get
>> the very same
>>> issue. If I however, remove them from the forwarders
>> section, I have no
>>> DNS Issues at all whatsoever, anytime.
>>> 
>>> S
>>> 
>>> -----Original Message-----
>>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx]
>>> On Behalf Of ISA
>>> Sent: Wednesday, October 18, 2006 1:03 PM
>>> To: ISA Mailing List
>>> Subject: [isalist] Re: OT: DNS and Forwarders
>>> 
>>> http://www.ISAserver.org
>>> -------------------------------------------------------
>>> 
>>> Thanks Mike:
>>> 
>>> I will try clearing the cache - but this happens now about everyday
>>> (morning usually). I really have to find the source of the problem.
>>> 
>>> 
>>> 
>>> Joseph Danielsen, MCSA-Messaging, MCP
>>> 
>>> Network Blade Inc.
>>> 
>>> 49 Marcy Street
>>> 
>>> Somerset, NJ 08873
>>> 
>>> 732-213-0600
>>> 
>>> www.networkblade.com
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> -----Original Message-----
>>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx]
>>> On Behalf Of Michael Ross
>>> Posted At: Wednesday, October 18, 2006 12:01 PM
>>> Posted To: ISA
>>> Conversation: [isalist] OT: DNS and Forwarders
>>> Subject: [isalist] Re: OT: DNS and Forwarders
>>> 
>>> http://www.ISAserver.org
>>> -------------------------------------------------------
>>> 
>>> Windows 2003 DNS servers?
>>> Believe it or not, ive seen that . It's a cache pollution type of
>>> behavior, with no logging or other signs to prove that.
>>> Try to clear the DNS cache next time and see if it helps.
>>> 
>>> -----Original Message-----
>>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx]
>>> On Behalf Of ISA
>>> Sent: Wednesday, October 18, 2006 10:59 AM
>>> To: isalist@xxxxxxxxxxxxx
>>> Subject: [isalist] OT: DNS and Forwarders
>>> 
>>> http://www.ISAserver.org
>>> -------------------------------------------------------
>>> 
>>> Steve: Funny you should say that because I've done that a few times.
>>> 
>>> DNS stops - I removed the forwards - Restart DNS - DNS works.
>>> DNS stops - I change the forwards - Restart DNS - DNS works.
>>> 
>>> I want to blame my server but I'm just not sure where the
>> failure is.
>>> 
>>> 
>>> 
>>> Joseph Danielsen, MCSA-Messaging, MCP
>>> 
>>> Network Blade Inc.
>>> 
>>> 49 Marcy Street
>>> 
>>> Somerset, NJ 08873
>>> 
>>> 732-213-0600
>>> 
>>> www.networkblade.com
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> -----Original Message-----
>>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx]
>>> On Behalf Of Steve Moffat
>>> Posted At: Wednesday, October 18, 2006 11:55 AM Posted To: ISA
>>> Conversation: [isalist] OT: DNS and Forwarders
>>> Subject: [isalist] Re: OT: DNS and Forwarders
>>> 
>>> http://www.ISAserver.org
>>> -------------------------------------------------------
>>> 
>>> Remove the forwarders.....then see how fast your Internet speed
>>> gets...:)
>>> 
>>> S
>>> 
>>> -----Original Message-----
>>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx]
>>> On Behalf Of ISA
>>> Sent: Wednesday, October 18, 2006 12:49 PM
>>> To: ISA Mailing List
>>> Subject: [isalist] OT: DNS and Forwarders
>>> 
>>> http://www.ISAserver.org
>>> -------------------------------------------------------
>>> 
>>> Hello All -
>>> 
>>> This might be off-topic, but has anyone every had their
>> Windows DNS/DC
>>> server intermittently stop forwarding DNS requests?
>>> 
>>> I checked with the ISP and they don't recognize and
>> problems on their
>>> end.
>>> 
>>> JD
>>> ------------------------------------------------------
>>> List Archives: //www.freelists.org/archives/isalist/
>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> ISA Server Articles and Tutorials:
>>> http://www.isaserver.org/articles_tutorials/
>>> ISA Server Blogs: http://blogs.isaserver.org/
>>> ------------------------------------------------------
>>> Visit TechGenix.com for more information about our other sites:
>>> http://www.techgenix.com
>>> ------------------------------------------------------
>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> Report abuse to listadmin@xxxxxxxxxxxxx
>>> 
>>> ------------------------------------------------------
>>> List Archives: //www.freelists.org/archives/isalist/
>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> ISA Server Articles and Tutorials:
>>> http://www.isaserver.org/articles_tutorials/
>>> ISA Server Blogs: http://blogs.isaserver.org/
>>> ------------------------------------------------------
>>> Visit TechGenix.com for more information about our other sites:
>>> http://www.techgenix.com
>>> ------------------------------------------------------
>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> Report abuse to listadmin@xxxxxxxxxxxxx
>>> 
>>> ------------------------------------------------------
>>> List Archives: //www.freelists.org/archives/isalist/
>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> ISA Server Articles and Tutorials:
>>> http://www.isaserver.org/articles_tutorials/
>>> ISA Server Blogs: http://blogs.isaserver.org/
>>> ------------------------------------------------------
>>> Visit TechGenix.com for more information about our other sites:
>>> http://www.techgenix.com
>>> ------------------------------------------------------
>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> Report abuse to listadmin@xxxxxxxxxxxxx
>>> 
>>> ------------------------------------------------------
>>> List Archives: //www.freelists.org/archives/isalist/
>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> ISA Server Articles and Tutorials:
>>> http://www.isaserver.org/articles_tutorials/
>>> ISA Server Blogs: http://blogs.isaserver.org/
>>> ------------------------------------------------------
>>> Visit TechGenix.com for more information about our other sites:
>>> http://www.techgenix.com
>>> ------------------------------------------------------
>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> Report abuse to listadmin@xxxxxxxxxxxxx
>>> 
>>> ------------------------------------------------------
>>> List Archives: //www.freelists.org/archives/isalist/
>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> ISA Server Articles and Tutorials:
>>> http://www.isaserver.org/articles_tutorials/
>>> ISA Server Blogs: http://blogs.isaserver.org/
>>> ------------------------------------------------------
>>> Visit TechGenix.com for more information about our other sites:
>>> http://www.techgenix.com
>>> ------------------------------------------------------
>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> Report abuse to listadmin@xxxxxxxxxxxxx
>>> 
>>> ------------------------------------------------------
>>> List Archives: //www.freelists.org/archives/isalist/
>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> ISA Server Articles and Tutorials:
>>> http://www.isaserver.org/articles_tutorials/
>>> ISA Server Blogs: http://blogs.isaserver.org/
>>> ------------------------------------------------------
>>> Visit TechGenix.com for more information about our other sites:
>>> http://www.techgenix.com
>>> ------------------------------------------------------
>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> Report abuse to listadmin@xxxxxxxxxxxxx
>>> 
>>> ------------------------------------------------------
>>> List Archives: //www.freelists.org/archives/isalist/
>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> ISA Server Articles and Tutorials:
>>> http://www.isaserver.org/articles_tutorials/
>>> ISA Server Blogs: http://blogs.isaserver.org/
>>> ------------------------------------------------------
>>> Visit TechGenix.com for more information about our other sites:
>>> http://www.techgenix.com
>>> ------------------------------------------------------
>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> Report abuse to listadmin@xxxxxxxxxxxxx
>>> 
>>> 
>>> 
>> 
>> 
>> ------------------------------------------------------
>> List Archives: //www.freelists.org/archives/isalist/
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server Articles and Tutorials:
>> http://www.isaserver.org/articles_tutorials/
>> ISA Server Blogs: http://blogs.isaserver.org/
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>> Report abuse to listadmin@xxxxxxxxxxxxx
>> 
>> 
>> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

• References:
  • [isalist] OT: DNS and Forwarders
    • From: ISA

Other related posts:

• » [isalist] OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] Re: OT: DNS and Forwarders
• » [isalist] OT: DNS and Forwarders

1. Home
2. isalist
3. Archive
4. 10-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---