Home page logo
/

nanog logo nanog mailing list archives

RE: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
From: "Vivien M." <vivienm () dyndns org>
Date: Tue, 15 May 2001 12:52:00 -0400


-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
Pyda Srisuresh
Sent: May 15, 2001 12:03 PM
To: Valdis.Kletnieks () vt edu; Adam McKenna
Cc: nanog () nanog org
Subject: Re: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS


Forcing hostnames and PTR's to match will also prevent people from NAT
land accessing your servers. There are hardly any NAT implementations
that do dynamic DNS updates.

Your NAT implementation must not be the same as the ones I've worked with,
because with the [simple] ones I've seen, you have something like
192.168.0.0/24 all coming out and talking to the world as 1.2.3.4 (the more
elaborate implementations give each private IP a unique outside IP, in which
case you just set up your DNS for each IP. A little more work, perhaps,
but...). Now, if 1.2.3.4 has proper matching forward/reverse DNS lookups, I
don't see how people behind someone else's NAT pose a problem.

Vivien
--
Vivien M.
vivienm () dyndns org
Assistant System Administrator
Dynamic DNS Network Services
http://www.dyndns.org/



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]