Date: Mon, 12 Apr 1999 13:26:20 -0700 (PDT) From: David Wolfskill <dhw@whistle.com> To: freebsd-current@freebsd.org Subject: Re: showing full host names in output from who/finger/last Message-ID: <199904122026.NAA97599@pau-amma.whistle.com> In-Reply-To: <Pine.BSF.3.96.990411190058.11402A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>Date: Sun, 11 Apr 1999 19:05:30 -0400 (EDT) >From: Robert Watson <robert@cyrus.watson.org> >I'd actually like to see wtmp only use IP addresses, never hostnames. I would prefer to have that be an installation-selectable option, at least. >Spoofed names are fairly easy to arrange; with IP filtering on border >routers, spoofed IPs are harder. Besides which, connections are from IPs >and not names. :-) This of course sticks you with the task of DNS >lookups when viewing wtmp, when you may already have done them at login >time. Probably ideally, we'd have two variable length fields, one for a >network-supplied source, and one for a transformed source such as name, >display name (....:0), etc. But that requires modifying the record >format, which is always a pain. In my case, it's more because I expect the association of hostname <-> IP address to be rather transient compared to the interval during which the information might be useful: although it may be of interest to know what the hostname was at the time of the original event, it's more likely to be useful for me to know the IP address at the time. And merely because I know one of those *now* doesn't mean that I necessarily know what the other was *then*. (And yes, this is more of a concern when investigating such things as dropped (but logged) ICMP redirects targeted at some of our perimeter hosts, for example. I'm rather less concerned within our internal nets.) Cheers, david -- David Wolfskill UNIX System Administrator dhw@whistle.com voice: (650) 577-7158 pager: (650) 371-4621 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904122026.NAA97599>