Many companies use the same DNS servers for both their internal network and their Internet side of the network. This is a bad idea because it exposes the structure of their internal network to intruders. The easiest way to do this is set up a two independent DNS servers that are updated separately. The internal server contains the database of all the DNS names within the organization, whereas the external server knows only how to resolve names dealing with the external presence, such as e-mail forwarders and web servers.
Some firewalls and BIND contain features to make this easier.
