From: Frank Rizzo [mailto:rizzo@drunkagain.org] Sent: Sunday, May 13, 2001 3:09 PM
On Sun, May 13, 2001 at 02:20:28PM -0700, Roeland Meyer wrote:
I've had similar problem at SpeakEasy. They still don't
have a reverse-DNS clue.
http://www.mhsc.com/recovery.htm
None of the DSL ISPs can do larger than /27 anymore, even
when they're
ILECs. Anything less than a /24 can't be SWIP'd and if you don't control your in-addr.arpa entries you don't control your domain and have no security.
wow, relying on dns for security is pretty freaking ignorant, and so are you appearantly. that's okay, i'll shut up now because i'll be busy playing with my reverse dns to get your hosts to trust me!
Gee, I wish you knew what you were talking about. Basic security starts with reverse, see tcp_wrappers, SSH, Oracle (try and build a DB without reverse working right. Net8 stops you dead in your tracks). Half of my ACLs don't work right because reverse isn't correct.
ps - 32/27.0.168.192.in-addr.arpa., learn it, love it, live it.
Thu May 10 22:59:09 [root:2]#> ps - 32/27.0.168.192.in-addr.arpa. ERROR: Garbage option.