Date: Sun, 1 Jun 2003 22:41:12 +0300 From: "Petri Helenius" <pete@he.iki.fi> To: "Chuck Swiger" <cswiger@mac.com> Cc: freebsd-net@freebsd.org Subject: Re: ipfw and hostnames Message-ID: <008f01c32875$c210c730$812a40c1@PETEX31> References: <001f01c32831$296b9210$812a40c1@PETEX31> <3EDA498D.3000307@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > You are strongly advised to use IP addresses instead of hostnames in firewall > rulesets, to avoid DNS spoofing attacks subverting your firewall. Ideally, your > firewall should function without depending on any external network resources. > I know that, I control the domains and additionally they are for non-critical resources like NTP access. Obviously all rules really important are based on IP addresses. Pete
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?008f01c32875$c210c730$812a40c1>