Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Has anyone implemented "double forward DNS"?
From: Jerry Franz <jfranz () freerun com>
Date: Wed, 03 Sep 2008 09:40:04 -0700


Duncan Simpson wrote:

[...]
The idea here is that a client that finds www.example.com is 192.168.3.42 does not trist this infiormation. Instead it looks up 42.3.168.192.in-addr.arpa and checks for a PTR record saying www.example.com. If one is not found then the result is disinformation and should not be used. Of course if the bad guy also controls the client's information about the reverse zone it still loses. 
[...]
Your proposal would cause a lot of trouble for sites using shared-ip virtual webhosting (read many, perhaps most, sites) since it could require potentially thousands (or more) of PTR records for each shared-ip webserver IP (which would do nasty things to DNS in general). 

--
Benjamin Franz

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]