nanog mailing list archives

Re: Reverse DNS RFCs and Recommendations

From: Andrew Sullivan <asullivan () dyn com>
Date: Wed, 30 Oct 2013 13:21:37 -0400

On Wed, Oct 30, 2013 at 06:13:35PM +0100, Mikael Abrahamsson wrote:

The classic TCP wrapper had this as one of the security features


I would agree with that if you'd put scare-quotes around the word
"security".  In general anyone depending on the reverse tree to
provide them any kind of security is engaged in wishful thinking,
particularly if the lookup isn't validated with DNSSEC.  (But yes,
that's waht the TCP wrappers package was supposed to be doing.)

A 

-- 
Andrew Sullivan
Dyn, Inc.
asullivan () dyn com
v: +1 603 663 0448

Current thread:

Reverse DNS RFCs and Recommendations Nolan Rollo (Oct 30)
- Re: Reverse DNS RFCs and Recommendations Nick Hilliard (Oct 30)
  - Re: Reverse DNS RFCs and Recommendations Andrew Sullivan (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Mikael Abrahamsson (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Andrew Sullivan (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Valdis . Kletnieks (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Leo Bicknell (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Andrew Sullivan (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Dave Crocker (Oct 31)
- Re: Reverse DNS RFCs and Recommendations Scott Howard (Oct 30)
  - Re: Reverse DNS RFCs and Recommendations Tim Franklin (Oct 30)
- Re: Reverse DNS RFCs and Recommendations John Miller (Oct 30)
- Re: Reverse DNS RFCs and Recommendations William Herrin (Oct 30)

(Thread continues...)