Firewalls: Hiding internal DNS and sites which run tcp

Firewalls
(November 1993)

Indexed By Thread: [Previous] [Next]

Subject:	Hiding internal DNS and sites which run tcp_wrappers
From:	Craig Bishop <csb @ gdwb . vic . gov . au>
Date:	Thu, 25 Nov 1993 11:28:06 +1100
To:	firewalls @ greatcircle . com

We have recently hidden our internal DNS behind an external DNS
and we are returning "unknown.gdwb.vic.gov.au" to reverse arpa
lookups.

The local University is running tcp_wrappers version 5.1, with
-DPARANOID turned on by default. Now none of our hosts can
telnet or any other normally allowed type stuff to that net.

Because this host is the local University so we have lots of
people doing courses and some involved in joint research
(sometimes).

Is my only choice to supply all my reverse info on the external
DNS?

How PARANOID is using -DPARANOID? Can they safely turn it off?

Craig Bishop			Information Systems Division
Email: csb @
 gdwb .
 vic .
 gov .
 au	Geelong & District Water Board
Phone: +61 52 262506		61-67 Ryrie St Geelong
Fax:   +61 52 218236		Victoria 3220 Australia

Follow-Ups:

Re: Hiding internal DNS and sites which run tcp_wrappers
From: Tom Fitzgerald <fitz @ wang . com>
Re: Hiding internal DNS and sites which run tcp_wrappers
From: doug @ seas . smu . edu (Doug Davis)

Indexed By Date	Previous:	Re: Am I spoofed or compromised? From: "Michael S. Hines" <MSHINES @ freh-03ms . adpc . purdue . edu>
Indexed By Date	Next:	Re: Hiding internal DNS and sites which run tcp_wrappers From: doug @ seas . smu . edu (Doug Davis)
Indexed By Thread	Previous:	SUMMARY: Packet filtering/screening with SunLink ISDN From: sten @ ergon . CH (Sten Gunterberg)
Indexed By Thread	Next:	Re: Hiding internal DNS and sites which run tcp_wrappers From: doug @ seas . smu . edu (Doug Davis)