Why does DreamHost automatically publish mySQL hostnames to public DNS? I may just have a poor understanding of the DNS system, but doesn’t that allow someone to quickly scan for the mySQL hosts that I have configured (especially if I use the default names)?
My understanding is that it would be more secure for DH to only register the mySQL hostnames within its own datacenter’s DNS servers, unless I explicitly need to publish that. More than likely, the majority of mySQL hosts at DH are created solely for Joomla! or Wordpress installs, so there is no possible reason to make them externally visible. (Possibly the phyMyAdmin portal and similar would have problems without the public DNS?)
Thoughts? Is this a security risk that I should be concerned about? (I’m not advocating security by obscurity, but layered security with limited exposure is what I learned as a best practice.)