Date: Tue, 25 Jul 2000 02:27:23 +0900 (JST) From: Hajimu UMEMOTO <ume@mahoroba.org> To: rwatson@FreeBSD.ORG Cc: ume@mahoroba.org Subject: Re: gateway strange behaviour for telnet and ftp Message-ID: <20000725.022723.115966623.ume@mahoroba.org> In-Reply-To: <Pine.NEB.3.96L.1000724125838.41604H-100000@fledge.watson.org> References: <397C5E86.6B0A0B72@softweyr.com> <Pine.NEB.3.96L.1000724125838.41604H-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Mon, 24 Jul 2000 13:00:09 -0400 (EDT)
>>>>> Robert Watson <rwatson@FreeBSD.ORG> said:
rwatson> This has gotten worse recently (well, relatively recently) with inclusion
rwatson> of TCP wrappers in standard binaries, including inetd, et al. Introducing
rwatson> DNS lookups is actually fairly irritating, especially given that most of
rwatson> the checks there are somewhat bogus, as easily spoofed :-). I don't
rwatson> believe our default wrapper rules should require DNS lookups; it would be
rwatson> nice if they didn't do them.
No. Default rule of libwrap allows any connections. I believe this
doesn't do reverse lookup.
It is done by realhostname{,_sa}(3) during login process.
rwatson> Would also be nice if we logged IPs as well as hostnames in wtmp all of
rwatson> the time.
If you intend to obtain hostname, you need reverse lookup. ;-)
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org
http://www.imasy.org/~ume/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000725.022723.115966623.ume>