Path: utzoo!attcan!uunet!samsung!zaphod.mps.ohio-state.edu!math.lsa.umich.edu!emv
From: emv@math.lsa.umich.edu (Edward Vielmetti)
Newsgroups: comp.protocols.tcp-ip.domains
Subject: Re: Checking up on the DNS
Message-ID: <EMV.90Apr13031700@duby.math.lsa.umich.edu>
Date: 13 Apr 90 07:17:00 GMT
References: <1990Apr5.171053.14081@terminator.cc.umich.edu>
	<83269@uunet.UU.NET>
Sender: news@math.lsa.umich.edu
Organization: University of Michigan Math Dept., Ann Arbor MI.
Lines: 27
In-reply-to: revell@uunet.UU.NET's message of 6 Apr 90 03:37:46 GMT

In article <83269@uunet.UU.NET> revell@uunet.UU.NET (James R Revell Jr) writes:

   In article <1990Apr5.171053.14081@terminator.cc.umich.edu>,
	 bryan@terminator.cc.umich.edu (Bryan Beecher) writes:

   >How does one convince an organization that their part of in-addr.arpa
   >is set-up incorrectly and that they need to do something about it?

   How about adopting a policy similar to what we taken at uunet.  We refuse
   to allow FTP access by any site that doesn't have it's reverse servers
   configured.  We find that this usually has enough impact to make the site
   set things up right.

Ah yes, the old "denial of service" attack.

Is the ftpd that uunet is running available somewhere?  The
FTP refusal doesn't seem to be in the one that's in networking/ftpd.*.

If you want to bounce some more connections, refuse them from people
who don't have the RFC 1101 "reverse pointer for the .0 address"
scheme to identify their network, that'll wipe out all but a few
die-hards in Ohio and at Apple more or less.

--Ed

Edward Vielmetti, U of Michigan math dept.
emv@math.lsa.umich.edu