但它将提供针对 DDOS 或尝试获取访问的零保护,因为任何能够从客户端应用程序中提取正常域名的人都可能能够轻松提取此随机域名,并且他们可能不会甚至不用担心域名,只需获取客户端连接的 IP 地址即可。
If you're never using where anyone will see it (even by rDNS on an incoming connection from your server), then the only real drawback is that you're paying for it when you could as easily use a random subdomain under a domain you already control (e.g. j398sh3-3nj23j.example.com).
But it'll provide zero protection from DDOS or attempts to gain access, as anyone who is in a position to extract a normal domain name from your client app will probably be able to extract this random domain name just as easily, and they may not even bother with domain names and just get the IP address your client is connecting to anyway.
Emphatically speaking, that's useless. As was pointed out above, using some subdomain of your own would cost less, be saner, and have more utility.
If you have a number of nodes on a private network that is not physically private, use a good VPN system and machine authentication with certificates. If you do that, nothing is accessible except the Internet-facing VPN software, and that can easily ignore anything that's not legitimate.
发布评论
评论(2)
如果您从未在任何人都能看到的地方使用它(即使是通过来自您服务器的传入连接上的 rDNS),那么唯一真正的缺点是,当您可以轻松地使用您所在域下的随机子域时,您就要为此付费。已经控制(例如
j398sh3-3nj23j.example.com)。但它将提供针对 DDOS 或尝试获取访问的零保护,因为任何能够从客户端应用程序中提取正常域名的人都可能能够轻松提取此随机域名,并且他们可能不会甚至不用担心域名,只需获取客户端连接的 IP 地址即可。
If you're never using where anyone will see it (even by rDNS on an incoming connection from your server), then the only real drawback is that you're paying for it when you could as easily use a random subdomain under a domain you already control (e.g.
j398sh3-3nj23j.example.com).But it'll provide zero protection from DDOS or attempts to gain access, as anyone who is in a position to extract a normal domain name from your client app will probably be able to extract this random domain name just as easily, and they may not even bother with domain names and just get the IP address your client is connecting to anyway.
强调一下,那是没有用的。正如上面所指出的,使用您自己的某些子域会花费更少,更理智,并且具有更多实用性。
如果私有网络上有许多节点,但物理上并非私有,请使用良好的 VPN 系统和带有证书的机器身份验证。如果这样做,除了面向互联网的 VPN 软件之外,其他任何内容都无法访问,并且可以轻松忽略任何不合法的内容。
Emphatically speaking, that's useless. As was pointed out above, using some subdomain of your own would cost less, be saner, and have more utility.
If you have a number of nodes on a private network that is not physically private, use a good VPN system and machine authentication with certificates. If you do that, nothing is accessible except the Internet-facing VPN software, and that can easily ignore anything that's not legitimate.