Re: IP Firewalling by DNS name

• Previous message: bruce_at_nikkel.com: "Re: IP Firewalling by DNS name"
• In reply to: bruce_at_nikkel.com: "Re: IP Firewalling by DNS name"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 31 May 2005 19:51:41 +0200
To: bruce@nikkel.com

bruce@nikkel.com wrote:

> Access control based on the reverse lookup of an IP address is a
> dangerous idea in general. Anyone who manages their own reverse DNS
> could bypass the security simply by creating a DNS entry. If someone
> controls the in-addr.arpa zone for a particular IP range, they can make
> those IPs resolve with any FQDN they want, even with domains they don't
> own.

Interesting! Thanks!

_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"

• Previous message: bruce_at_nikkel.com: "Re: IP Firewalling by DNS name"
• In reply to: bruce_at_nikkel.com: "Re: IP Firewalling by DNS name"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: An explanation requested. ... enough to see the words "security and virus". ... which is in charge of the reverse DNS for 10.40.244.148) ... To get reverse DNS set up for 10.40.244.148, ... (microsoft.public.security.virus) Re: An explanation requested. ... enough to see the words "security and virus". ... which is in charge of the reverse DNS for 10.40.244.148) ... To get reverse DNS set up for 10.40.244.148, you need to speak to your ... (microsoft.public.security.virus) Re: [Full-disclosure] Reverse dns ... large number of things slowed down while a reverse DNS request timed ... It's the ancient security by obscurity discussion. ... (Full-Disclosure)