Snort mailing list archives
Re: Name resolution
From: Kendall Lister <krl () cs mu OZ AU>
Date: Fri, 18 May 2001 09:40:21 +1000 (EST)
On Thu, 17 May 2001, Subba Rao wrote:
This is going to be a very basic question. I do see (on daily basis) attempts to connect to the sunrpc services (port 111). When I try to resolve the IP address, I always get, *** myhost.mydom.com can't find sys.no.edu: Non-existent host/domain How are these hackers conducting the hacks? They should get some response back from my machine. If their host/domain does not exist, then where are the replies from my system going?
There is no need for a particular IP address to have a corresponding DNS host name; all TCP/IP traffic actually occurs between hosts identified by IP addresses. So, for example, you could "telnet aa.bb.cc.dd" to try to connetc to the systems that are probing you - you don't need to sue a host name to get through. Kendall krl () cs mu oz au _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Name resolution Subba Rao (May 17)
- Re: Name resolution Kendall Lister (May 17)
- Re: Name resolution John Sage (May 18)
- Re: Name resolution Dan Cuthbert (May 18)