| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Sep 2008 01:59:22 +0200 From: Ansgar Wiechers <bugtraq@...netcobalt.net> To: bugtraq@...urityfocus.com Subject: Re: Has anyone implemented "double forward DNS"? On 2008-08-30 Duncan Simpson wrote: > Double reverse DNS, which checks the name found using reverse DNS > matches the IP adrdess enquired about is now common. I was wondering > wether about has applied the same technique to forward DNS queries > too. > > The idea here is that a client that finds www.example.com is > 192.168.3.42 does not trist this infiormation. Instead it looks up > 42.3.168.192.in-addr.arpa and checks for a PTR record saying > www.example.com. If one is not found then the result is disinformation > and should not be used. Wrong. cobalt@...ome:~ $ host www.planetcobalt.net www.planetcobalt.net CNAME chrome.planetcobalt.net chrome.planetcobalt.net CNAME planetcobalt.net planetcobalt.net A 217.10.9.49 cobalt@...ome:~ $ host 49.9.10.217.in-addr.arpa 49.9.10.217.in-addr.arpa PTR mail.planetcobalt.net cobalt@...ome:~ $ host mail.planetcobalt.net mail.planetcobalt.net A 217.10.9.49 cobalt@...ome:~ $ _ You can have multiple names resolving to the same IP address, but just one PTR record mapping that address back to a name. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Powered by blists - more mailing lists