[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default

Alan Shutko <ats@acm.org> writes:

> Robert van der Meulen <rvdm@cistron.nl> writes:
> 
> > It providers very normal security; reasonable certainty that hosts
> > connecting to your services are 'sane' in the sense that they have both a
> > valid DNS entry, and a valid reverse DNS entry to match. 
> 
> What security does this give you, seriously?  I can't see that it
> gives you any security at all, but it does block clients from (say)
> people on company networks that don't do reverse DNS for internal
> machines.

IMHO They don't need to setup reverse DNS. But if they do 

IP -> NAME

they have to configure

NAME -> IP

correctly.

Ciao
        Racke

-- 
Alter ego of LinuXia Systems (URL: http://www.linuxia.de),
Debian maintainer (e.g. Courier Mail Server suite), Interchange developer;
For projects and other business stuff please refer to COBOLT NetServices
(URL: http://www.cobolt.net; Email: info@cobolt.net; Phone: 0041-1-3884400)
Reply to: