Xref: utzoo comp.protocols.tcp-ip:14161 comp.protocols.tcp-ip.domains:536 Path: utzoo!attcan!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!usc!apple!agate!shelby!riacs!nsipo.arc.nasa.gov!medin From: medin@nsipo.arc.nasa.gov (Milo S. Medin) Newsgroups: comp.protocols.tcp-ip,comp.protocols.tcp-ip.domains Subject: Re: gethostbyaddr() failing Message-ID: <1990Dec18.065356.17961@riacs.edu> Date: 18 Dec 90 06:53:56 GMT References: <1990Dec16.191345.22482@engin.umich.edu> <9012170259.AA06606@nsipo.arc.nasa.gov> <1990Dec17.182114.14182@cs.umn.edu> Sender: news@riacs.edu (James A. Woods) Reply-To: medin@cincsac.arc.nasa.gov (Milo S. Medin) Organization: NASA Science Internet Project Office Lines: 51 What we do here at Ames is that the K-box base address PTR points back to the K-box, and then each dynamic address has it's own name, and a PTR record that points back it it. For example, you have: n233-edc-gw IN A 128.102.18.112 IN HINFO "Kinetics AppleTalk Gateway" "N/A" n233-edc-1 IN A 128.102.18.113 IN HINFO "AppleTalk Host" N/A n233-edc-2 IN A 128.102.18.114 IN HINFO "AppleTalk Host" N/A n233-edc-3 IN A 128.102.18.115 IN HINFO "AppleTalk Host" N/A n233-edc-4 IN A 128.102.18.116 IN HINFO "AppleTalk Host" N/A n233-edc-5 IN A 128.102.18.117 IN HINFO "AppleTalk Host" N/A n233-edc-6 IN A 128.102.18.118 IN HINFO "AppleTalk Host" N/A n233-edc-7 IN A 128.102.18.119 IN HINFO "AppleTalk Host" N/A n233-edc-8 IN A 128.102.18.120 IN HINFO "AppleTalk Host" N/A n233-edc-9 IN A 128.102.18.121 IN HINFO "AppleTalk Host" N/A n233-edc-10 IN A 128.102.18.122 IN HINFO "AppleTalk Host" N/A n233-edc-11 IN A 128.102.18.123 IN HINFO "AppleTalk Host" N/A n233-edc-12 IN A 128.102.18.124 IN HINFO "AppleTalk Host" N/A n233-edc-13 IN A 128.102.18.125 IN HINFO "AppleTalk Host" N/A n233-edc-14 IN A 128.102.18.126 IN HINFO "AppleTalk Host" N/A n233-edc-15 IN A 128.102.18.127 IN HINFO "AppleTalk Host" N/A The PTR records all point back to the proper names, which are different for each dynamically assigned address. It's not that hard to build this with a shell script or an awk script. And even if you didn't do this, all that would happen is the gethostbyaddr would fail. No big deal, as people shouldn't be sticking things with dynamically assigned addresses in their .rhosts and the like. No big deal, or perhaps I'm missing something here? In any case, it's a big payoff for the security advantages this provides. Thanks, Milo