Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Alan Shutko <ats@acm.org> writes:
> Robert van der Meulen <rvdm@cistron.nl> writes:
>
> > It providers very normal security; reasonable certainty that hosts
> > connecting to your services are 'sane' in the sense that they have both a
> > valid DNS entry, and a valid reverse DNS entry to match.
>
> What security does this give you, seriously? I can't see that it
> gives you any security at all, but it does block clients from (say)
> people on company networks that don't do reverse DNS for internal
> machines.
IMHO They don't need to setup reverse DNS. But if they do
IP -> NAME
they have to configure
NAME -> IP
correctly.
Ciao
Racke
--
Alter ego of LinuXia Systems (URL: http://www.linuxia.de),
Debian maintainer (e.g. Courier Mail Server suite), Interchange developer;
For projects and other business stuff please refer to COBOLT NetServices
(URL: http://www.cobolt.net; Email: info@cobolt.net; Phone: 0041-1-3884400)
Reply to: