Should I be concerned over info in public DNS records?



  • Are IP addresses and subdomain names in public DNS records a security concern?

    For instance, is it wise to put private IPs on public DNS, for instance ad-server.example.com 192.168.1.1?

    We register dynamic dns IPs as location.example.com. Is it wise to give clues about the branch office location in the name or is it better to call it nondescript things like akt34xy2?

    There are probably other examples but those are some that comes to mind.



  • I find it to not be of concern. I would never have it happen, because it's a bizarre and problematic way to handle internal DNS. But anyone who can exploit private IP mapping can figure it out without DNS in the first place. So I see no reason to want to hide it.