ipfw and hostnames
Petri Helenius
pete at he.iki.fi
Sun Jun 1 12:41:26 PDT 2003
>
> You are strongly advised to use IP addresses instead of hostnames in firewall
> rulesets, to avoid DNS spoofing attacks subverting your firewall. Ideally, your
> firewall should function without depending on any external network resources.
>
I know that, I control the domains and additionally they are for non-critical
resources like NTP access. Obviously all rules really important are based
on IP addresses.
Pete
More information about the freebsd-net
mailing list