Speaking of companies: should internal resources be resolvable using external #DNS? What points should be considered in terms of #security, #operations and #risk #management?
Is using split DNS #SecurityThroughObscurity or prevention of information gathering?
@jesterchen The biggest challenge (IMHO) with split DNS is keeping the namespaces consistent (you don't want www.yourcompany.com to point to two different places depending on whether you are inside or outside the network). If you can minimize that problem, then you have a small cost to balance against the benefit of limiting the ability of someone outside your network to gather information.
That said, don't forget that your network boundary is probably somewhat cute to the determined, resourced attacker. By which I mean, don't rely on this effort to secure your internal hosts; you want to be hard and difficult to chew on the inside _as_well_as_ on the outside.
