×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Sounds like you're talking about running DNS on IBMi, which is a different can of worms entirely. I'd imagine that a majority of IBMi shops already have DNS running on other platforms, so most often we'd just be using those for DNS.
-----Original Message-----
From: Rob Berendt [mailto:rob@xxxxxxxxx]
Sent: Thursday, December 08, 2016 7:42 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: Re: "3 out of 4 IBM i machines I work on do not have DNS servers specified" Why not?
Be careful with IBM i DNS if you are subject to audit. While they patch the DNS to fix CVE's they still leave the BIND number WAY behind. Thus failing audits. True, there is an object which holds the bind number returned upon such query's you can modify but that kinda feels like cheating to me.
This is the reason we dropped IBM i DNS.
I've tried numerous PMR's, RFEs, etc and was basically told that the patching should be sufficient. Of course, when it was IBM doing the auditing and we got no where with them...
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
midrange.com
