Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister

Re^3: DNSCMD will not work in Perl script

by graff (Chancellor)
on Mar 01, 2014 at 10:00 UTC ( #1076653=note: print w/replies, xml ) Need Help??

in reply to Re^2: DNSCMD will not work in Perl script
in thread DNSCMD will not work in Perl script

I'm not a windows guy, so what I say here may be nonsense, butů

It might actually be a Good Thing™ that the 2008 server has better security than the 2003 model. The fact that it gets in the way of doing what you need to do is sad, but it might be even sadder if, by allowing needful things to be easier for you, it also allowed bad things to be easier for bad people.

If the "web-server-userid" vs. "admin-user-id" conflict is the problem, I wonder if there might be a way to run a daemon process on the 2008 server (under the admin account) that, say, monitors a directory, and if anything gets placed in that directory, it reads it as a set of dnscmd instructions and runs them.

If you promise to be very careful about setting up that directory, and configuring the web-server process that could place files into that directory, then you might be able to do what needs to be done without completely defeating the "enhanced security" of the 2008 system.

(Update: you would of course also need to be very careful about setting up the admin daemon process - basically, you want to make sure that both processes are very rigorously scrupulous about what can be placed into that directory and what kinds of actions can be taken as a result. Every conceivable safeguard is needed, and the lingering problem is the set of exploits that someone else could conceive before you do.)

Again, I'm not a windows guy - and I'm quite poorly informed about DNS security issues in general. Please keep looking for advice from a "higher authority." (Not just perl hackers, but also real sysadmins with windows 2008 experience.)

  • Comment on Re^3: DNSCMD will not work in Perl script

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1076653]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (6)
As of 2018-01-20 13:20 GMT
Find Nodes?
    Voting Booth?
    How did you see in the new year?

    Results (226 votes). Check out past polls.