Date: Tue, 25 Jul 2000 23:35:45 -0600 From: Wes Peters <wes@softweyr.com> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: "Roberto Nunnari, AGIE" <roberto.Nunnari@agie.ch>, Nick Rogness <nick@rapidnet.com>, net@FreeBSD.ORG Subject: Re: gateway strange behaviour for telnet and ftp Message-ID: <397E78B1.BDE3A622@softweyr.com> References: <Pine.NEB.3.96L.1000724125838.41604H-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote:
>
> On Mon, 24 Jul 2000, Wes Peters wrote:
>
> > Because the server daemones for each of those do the reverse lookup, for
> > logging and/or authentication purposes. Ping never gets out of the IP
> > stack; one of the reasons it is preferred for testing connectivity is the
> > minimal load it imposes on the target being pinged.
>
> This has gotten worse recently (well, relatively recently) with inclusion
> of TCP wrappers in standard binaries, including inetd, et al. Introducing
> DNS lookups is actually fairly irritating, especially given that most of
> the checks there are somewhat bogus, as easily spoofed :-). I don't
> believe our default wrapper rules should require DNS lookups; it would be
> nice if they didn't do them.
>
> Would also be nice if we logged IPs as well as hostnames in wtmp all of
> the time.
It would be better to just log the IP address and make who et al smart
enough to do the reverse lookup at display time.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
wes@softweyr.com http://softweyr.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397E78B1.BDE3A622>