Is this a tcpwrapper bug?
Tom Horsley
tom.horsley at att.net
Tue Dec 18 01:38:40 UTC 2007
On Mon, 17 Dec 2007 17:26:40 -0800
Rick Stevens <rstevens at internap.com> wrote:
> No, the IP could be spoofed. If the connection that purported to come
> from niceguy.mybuddy.com on 1.2.3.4 actually reverse resolves to
> evilbastards.hackerville.com, do you really want to allow that? I sure
> as heck don't.
But if I do a dig -x on the IP address, it tells me both names, so
it isn't like the reverse lookup resolves to a different name, it
just resolves to multiple names, one of which was the one expected.
(I have no idea exactly how the DNS server is configured at work -
I have no control over it).
More information about the fedora-list
mailing list