At 05:52 AM 10/03/2001 -0700, John Young wrote:
However, now I learn that Verio uses one DNS server for the two boxes so an attacker needs only to throw one stone to kill both our birds. Grrr. That is what we wanted to avoid.
A smart sales rep assured me that this was the way to go, after I had placed two orders for two machines to keep them separate. No need for that he said, let me tell you a better way. No doubt my simple-minded security method would have been breached by some Verio setup based on its own Japanese government spying principles, which is to say I can't escape being terrorized by Ashcroft.
Domain names are supposed to have at least one primary DNS server and at least one secondary DNS server, and some names will arrange to have more than one secondary. It wouldn't be at all surprising if Verio uses one server as the primary for both names and one as the secondary for both. It's probably worthwhile for you to arrange another secondary - there are crypto-friendly sites that will probably be happy to do so (e.g. toad.com, havenco.com, thebunker.net, etc.)