Firewalls: Re: IDENT secure?

Firewalls
(November 1993)

Indexed By Thread: [Previous] [Next]

Subject:	Re: IDENT secure?
From:	"Perry E. Metzger" <pmetzger @ lehman . com>
Date:	Wed, 17 Nov 1993 10:55:12 -0500
To:	firewalls @ greatcircle . com
In-reply-to:	Your message of "Wed, 17 Nov 1993 07:57:33 GMT." <"swan.cl.cam.:003150:931117075742"@cl.cam.ac.uk>
Reply-to:	pmetzger @ lehman . com

Piete .
 Brooks @
 cl .
 cam .
 ac .
 uk says:
> Well, as nobody else has leapt to BIND's defence I feel I had better so do.
> 
> I have been using BIND generated shared libc's on my suns for years.
> They do double reverse lookups. The OPTIONS file says:
> 
> 	SUNSECURITY (origin: rossc @
 ucc .
 su .
 oz .
 au)
> 	        enable checking of PTR records in gethostbyaddr() to detect
> 	        spoofing. Always on on suns as rlogin etc. depend on this.
> 
> Are you saying that there is some other problem of which I am not aware ?

I was unaware that this option had been added. Obviously it solves the
problem in question.

Perry

References:

Re: IDENT secure?
From: Piete . Brooks @ cl . cam . ac . uk

Indexed By Date	Previous:	Re: Usenix LISA VII Firewalls BOF From: tmd @ eticket . llnl . gov (Tina M. Darmohray)
Indexed By Date	Next:	Re: firewall OS's From: ken @ bridge . COM (Ken Hardy)
Indexed By Thread	Previous:	Re: IDENT secure? From: Piete . Brooks @ cl . cam . ac . uk
Indexed By Thread	Next:	Re: IDENT secure? From: smb @ research . att . com