IP Firewalling by DNS name

Ivan Voras ivoras at fer.hr
Tue May 31 10:52:50 PDT 2005


bruce at nikkel.com wrote:

> Access control based on the reverse lookup of an IP address is a
> dangerous idea in general. Anyone who manages their own reverse DNS
> could bypass the security simply by creating a DNS entry. If someone
> controls the in-addr.arpa zone for a particular IP range, they can make
> those IPs resolve with any FQDN they want, even with domains they don't
> own.

Interesting! Thanks!
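
The weakness described in the quoted text, shown next to a forward-confirmed check, as an added example that is not part of the original thread. The record tables, addresses, host names and function names are constructed for illustration, and the lookups are stubbed so the code runs offline.

```python
import ipaddress

# Constructed sample records (not from the thread). The PTR entries are set by
# whoever runs the in-addr.arpa zone for each range; the A record is set by the
# real owner of example.org.
PTR_RECORDS = {
    "192.0.2.10": "gw.example.org.",      # legitimate host
    "203.0.113.66": "gw.example.org.",    # forged by the owner of 203.0.113.0/24
}
A_RECORDS = {"gw.example.org": ["192.0.2.10"]}


def _norm(name):
    # Compare names case-insensitively and without the trailing root dot.
    return name.rstrip(".").lower()


def lookup_ptr(ip):
    return PTR_RECORDS.get(ip)


def lookup_a(name):
    return A_RECORDS.get(_norm(name), [])


def in_domain(name, domain):
    # Match on a label boundary so "evilexample.org" does not pass.
    name, domain = _norm(name), _norm(domain)
    return name == domain or name.endswith("." + domain)


def naive_allow(ip, domain, ptr=lookup_ptr):
    """Weak check: trusts whatever name the PTR record claims."""
    name = ptr(ip)
    return name is not None and in_domain(name, domain)


def confirmed_allow(ip, domain, ptr=lookup_ptr, fwd=lookup_a):
    """Accept only if the claimed name also resolves forward to the same IP."""
    name = ptr(ip)
    if name is None or not in_domain(name, domain):
        return False
    client = ipaddress.ip_address(ip)
    return any(ipaddress.ip_address(a) == client for a in fwd(name))
```

The forward lookup is answered by the zone of the claimed domain, which the owner of the reverse zone does not control; the result still depends on the integrity of the DNS answers themselves.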



More information about the freebsd-stable mailing list