Path: utzoo!utgpu!watserv1!watmath!att!linac!pacific.mps.ohio-state.edu!zaphod.mps.ohio-state.edu!julius.cs.uiuc.edu!apple!sun-barr!lll-winken!prang!ejmmips.NOC.Vitalink.COM!ejm From: ejm@ejmmips.NOC.Vitalink.COM (Erik J. Murrey) Newsgroups: comp.protocols.tcp-ip.domains Subject: Sun 4.1 gethostbyaddr [was Re: PTR records of gateways on the Internet ] Message-ID: <23@prang.TEST.Vitalink.COM> Date: 11 Jan 91 17:36:18 GMT References: <1991Jan9.195641.17628@slcs.slb.com> Sender: usenet@prang.TEST.Vitalink.COM Reply-To: ejm@ejmmips.NOC.Vitalink.COM (Erik J. Murrey) Followup-To: comp.protocols.tcp-ip.domains Organization: Vitalink Communications Lines: 24 Nntp-Posting-Host: ejmmips.noc.vitalink.com In article , ckd@cs.bu.edu (Christopher Davis) writes: > Except that (1) SunOS 4.1's gethostbyaddr wants an A record for added > security against DNS spoofing (admirable, but non-optimal when you just > want whatever PTRs are out there...), and (2) there ARE A records out > there, for the other interfaces. Example: > I think this may be overkill on the part of Sun. I agree that for semi-secure applications, a reverse check is necessary to insure that the DNS admins aren't faking host names. (i.e. the rexec and rcmdservices + rlogin benifiit from this check) However, for other applications such as mail, finger, traceroute, etc, this double-check is unecessary. Sun should have done more research into the impact of this unexpected change before shipping it with a major release of software. ---- Erik Murrey Vitalink Communications NOC ejm@NOC.Vitalink.COM, uunet!vitam6!noc.vitalink.com!ejm