Full Disclosure mailing list archives
RE: Reverse dns
From: "Mike Ring" <mring () presgar com>
Date: Thu, 10 Mar 2005 11:44:03 -0500
If my memory serves me correctly, I've run into performance problems with both NFS and HP's omniback product that were caused by missing reverse records. Mike Ring CISSP IT Security Specialist PresGar Companies -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Paul Schmehl Sent: Thursday, March 10, 2005 10:58 AM To: full-disclosure () lists grok org uk Subject: [Full-disclosure] Reverse dns Is there an RFC *requirement* for reverse dns? I've been looking through the RFCs and I can't find it. Some folks think reverse dns should be completely disabled. I know for sure that this will break email, because many mail servers won't talk to a server that doesn't reverse. Tcpdump also doesn't like hosts that won't reverse. What I'm looking for is a standard (RFC) that states that enabling reverse lookups is *required* or reverse lookups are *optional*. If they're optional, then reverse could be disabled for most hosts. I'm also looking for a list of things that *break* when you disable reverse (e.g. mail). RULES FOR RESPONDING: 1) "Reverse is a good thing" is not an answer. Neither is "Reverse is a bad thing". 2) Opinions are not useful - stick to facts only - chapter and verse please. 3) All replies to the list please - others will find this useful as well. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Re: Reverse dns, (continued)
- Re: Reverse dns Simon Biles (Mar 11)
- Re: Reverse dns Danny (Mar 10)
- RE: Reverse dns Edward Ray (Mar 10)
- Re: Reverse dns Andrei Zlate-Podani (Mar 10)
- Re: Reverse dns Valdis . Kletnieks (Mar 10)
- Re: Reverse dns Paul Schmehl (Mar 10)
- Re: Reverse dns Valdis . Kletnieks (Mar 11)
- Re: Reverse dns Paul Schmehl (Mar 10)
- Re: Reverse dns Security - AlaricoWebDesign.it (Mar 10)
- Re: Reverse dns Pete Hickey (Mar 10)
- Re: Reverse dns Ben McGinnes (Mar 11)
- RE: Reverse dns Mike Ring (Mar 10)
- RE: Reverse dns Dale Babiy (Mar 10)
- RE: Reverse dns Paul Schmehl (Mar 10)
- Re: Reverse dns derek (Mar 10)
- RE: Reverse dns Andriy Bilous (Mar 11)