Hello and welcome to the Thursday, February 1st, 2020, edition of the Sandsenet Storms anders Stormcast.

My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida.

Wrote a quick diary today about the Dot internal domain I briefly mentioned yesterday.

The main reason I wrote this up was to go a little bit into the details or advantages,

disadvantages of using the dot internal top level domain.

Can be convenient for some people to have a top level domain like this,

but ultimately you're probably better of registering a normal

domain for internal use. By having an officially registered domain, you now are able to get TLS certificates.

You also don't have to be afraid that down the road someone else is adopting the same scheme that

you're using in your network, in their network, and then if you have some merger happening or

some VPN between the networks, you have conflicts, similar to when you're using RFC-1918 IP addresses.

So ultimately, I do recommend you go with the publicly registered domain.

Now, it's not a top-level domain.

You're only going to get a normal domain,

but that's really sufficient, I think.

I'm not really aware of any use case that would absolutely require you to have a top level domain.

If someone is aware of a use case, please let me know.

And Yvanti not going anywhere as far as vulnerability goes.

First of all, the good news, we do now have patches for two of the

vulnerabilities that were disclosed earlier in january c vene 2023 46805 and

2024 21887 these vulnerabilities have been exploited at least since January 11th, and at this point,

Yvante has had a configuration that mitigated some of these vulnerabilities, but now you start

...