I have a question to see if there's a security risk in the way I have DNS configured.
Here's my setup:
Concerning the DNS entries in TCP/IP, would you have any issues with this setup:
I have a couple of Windows 2003 servers (IIS + SQL) sitting on DMZ setup as a workgroup. They communicate with each other with their host files. However, DNS entries in TCP/IP settings are configured as 22.214.171.124 as preferred DNS server and 126.96.36.199 as Alternate.
This is done, so they can get Microsoft updates, virus updates and any other software patch/fix/upgrades that are required.
Internal client accessing the website (IIS) access it through public IP of website.
Is this setup ok for external name resolution, or should I still configure DNS through network services and configure Forwarders to 188.8.131.52 or my ISP DNS servers?
The two servers do sit behind a firewall.
Thanks in advance for your help.