Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Daniel Stone wrote:
> Here's where theory and practice come into play. I only have a small chunk
> of 203.36.158.* (113-127, afaik), so how can you DNS-delegate that? At
> least, if there is a way, Telstra haven't figured it out yet.
This is actually quite doable, you just need to have a clued isp who
sets up a nifty little forwarding trick in the reverse DNS. Here's an
exmple of how my old ISP did it:
net152 ns kitenet.net.
153 cname 153.net184.108.40.206.in-addr.arpa.
154 cname 154.net220.127.116.11.in-addr.arpa.
155 cname 155.net18.104.22.168.in-addr.arpa.
156 cname 156.net22.214.171.124.in-addr.arpa.
157 cname 157.net126.96.36.199.in-addr.arpa.
158 cname 158.net188.8.131.52.in-addr.arpa.
I then had to set up a zone on my dns server (kitenet.net) called
net184.108.40.206.in-addr.arpa just like I would have for
200.144.198.in-addr.arpa if I had had the whole class C.
It abuses bind horribly, and takes a lot of cname records on the ISP's
side, but it works.
see shy jo, whose reverse DNS doesn't resolve properly right now, horrors!
 Well, I've had 3 very good isp's out of ~15 total, and only one was
clued enough to know how to do it, so..