Re: How to turn DNS off in sshd_config?

From: Mark Andrews (marka_at_drugs.dv.isc.org)
Date: 10/19/05


Date: Wed, 19 Oct 2005 05:48:23 +0000 (UTC)

In article <1129695559.690027@www.vif.com>,
__PPS__ <i-love-spam@yandex.ru> wrote:
>jpd wrote:
>> Begin <1129678531.806243@www.vif.com>
>> On 2005-10-18, __PPS__ <i-love-spam@yandex.ru> wrote:
>>
>>>I'm having similar problem - when my internet connection goes down I
>>>can't connect to a local freebsd(192.168.0.128) which acts as a
>>>residential gateway from my desktop(192.168.0.1); sshd does reverse DNS
>>>lookup(!!!) or whatever
>>
>>
>> No whatever and no exclamation points necessary. sshd does this and it
>> is a feature, not a bug. The solution is to fix your naming setup.
>> In fixing this, remember that /etc/hosts only acts on one machine, and
>> you have two machines to deal with. So either double-check /etc/hosts
>> on both machines for correctness, or centralize your host naming using
>> a bind that serves a .local zone and matching reverse for your network
>> (and I'd also make it forward and cache requests to/from the outside
>> 'net, but anyway).
>
>Please, tell me what for I need any configs for the other pc(desktop) to
>fix this sshd *feature*, have no idea what you mean, please, clarify
>
>I have found many posts like mine - lots of people (who have bad
>internet connection, or dialup) are having similar problem, and I said
>that solutions they were suggested don't work for me.
>Sorry I didn't provide more info about my config, cause I already
>started a separate thread and it didn't lead to any solution at all (and
>when replying to this thread, I forgot that it wasn't my thread)
>
>Basically, I've heard/read this story about fixing my naming setup, but
>have no idea what's wrong with my setup. Please, let me know if it's broken
>
>Here's what I have
>freebsd: 192.168.0.128
> /etc/hosts
>::1 localhost
>127.0.0.1 localhost
>192.168.0.128 serv1 <-- this is freebsd
>192.168.0.1 main <-- this is the desktop
>(and basically hosts file on windows is the same)
>
> /etc/host.conf
>hosts
>bind
>
> /etc/resolv.conf has two nameserver entries
>
>The desktop pc is winxp, I use putty to connect to freebsd. Freebsd is
>an old pc that's always on and connected to the internet - it has no
>monitor. Sometimes connection fails and I need to restart ppp (it
>sometimes doesn't detect that there's no connection) so at this time I
>try to connect to freebsd using putty and have this problem - it waits
>minutes for reverse lookup
>Whatever you call it, is there any option to disable this feature - it
>causes me a lot of trouble - at times I simply had to reconnect my
>monitor to freebsd box or just restart it to fix my problems. (in short
>my connection problems are spontaneous and I need to do some pings, etc
>to show it to my isp, but at times when I need to do it I can't connect
>to my freebsd because of sshd's features)
>
>I saw posts suggesting to setup a dns server, but I don't need any dns
>servers - I prefer to connect my desktop pc directly to my modem and to
>setup windows firewall or whatever

        Obviously you do need a DNS server. Your network is leaking
        reverse queries for RFC 1918 addresses onto the Internet and
        by doing so is contributing to the query load on
        BLACKHOLE-1.IANA.ORG and BLACKHOLE-2.IANA.ORG.

        BLACKHOLE-1.IANA.ORG and BLACKHOLE-2.IANA.ORG are sets of
        anycast servers deployed to save the nameservers for
        IN-ADDR.ARPA from the excessive query load caused by
        misconfigured RFC 1918 networks making reverse queries to the
        Internet.

        Mark
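
Added example, not part of the original post: a Python check that flags reverse (PTR) queries for RFC 1918 addresses sent to a resolver outside the private ranges, which is the leak described in the reply above. The log format, the sample lines and the 203.0.113.53 resolver address are constructed for illustration; only 192.168.0.128 and 192.168.0.1 come from the thread.

```python
import ipaddress

# The three RFC 1918 private blocks.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in an assumed format: "<client> -> <resolver> <qtype> <qname>"
SAMPLE_LOG = """\
192.168.0.128 -> 203.0.113.53 PTR 1.0.168.192.in-addr.arpa.
192.168.0.128 -> 203.0.113.53 A www.example.org.
192.168.0.128 -> 203.0.113.53 PTR 34.216.184.93.in-addr.arpa.
192.168.0.128 -> 192.168.0.128 PTR 1.0.168.192.in-addr.arpa.
192.168.0.1 -> 203.0.113.53 PTR 7.1.16.172.in-addr.arpa.
not a query line
"""

def is_rfc1918(addr):
    """True if the address falls inside one of the RFC 1918 blocks."""
    return any(addr in net for net in RFC1918)

def ptr_name_to_ip(qname):
    """Return the IPv4 address encoded in a full in-addr.arpa name, else None."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        # Octets appear in reverse order in the query name.
        return ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ValueError:
        return None

def leaked_ptr_queries(log_text):
    """List (client, private_ip) for private-range PTR queries sent off the local network."""
    leaks = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[1] != "->" or fields[3] != "PTR":
            continue  # skip malformed lines and non-PTR queries
        try:
            resolver = ipaddress.IPv4Address(fields[2])
        except ValueError:
            continue
        target = ptr_name_to_ip(fields[4])
        # A leak: the name being resolved is private, the resolver asked is not.
        if target is not None and is_rfc1918(target) and not is_rfc1918(resolver):
            leaks.append((fields[0], str(target)))
    return leaks

if __name__ == "__main__":
    for client, target in leaked_ptr_queries(SAMPLE_LOG):
        print(f"{client} leaked a reverse query for {target}")
```

A PTR query answered by a resolver on the local network (the fourth sample line) is not counted, since it never reaches the Internet.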


