Howdy, Recently while browsing through security logs I noticed that quite a few of the hosts connecting to the machine did not resolve, I've checked into it, and apparently ProFTPd does not check forward to reverse DNS mappings, and only resolves the IP address connecting. This could easily lead to an attacker hiding his real hostname from logfiles, or an attacker slipping through ACL's by modifying their hostname. For the time being I recommend that the option 'UseReverseDNS' be disabled in the configuration file until this is fixed. Unfortunately I was not able to contact anyone to discuss this, as www.proftpd.org has been down for the past 4-5 days that I've tried it, the version tested was 1.2.2rc2. Matthew S. Hallacy
This archive was generated by hypermail 2b30 : Fri Sep 07 2001 - 17:16:04 PDT