Re: ProFTPd and reverse DNS

From: Krzysztof Halasa (khcat_private)
Date: Sat Sep 08 2001 - 02:36:14 PDT

Next message: Anuff Joey: "Re: Insecure handling of notes in Slashcode"

Previous message: Jeroen Massar: "RE: ProFTPd and reverse DNS"
Next in thread: Karsten W. Rohrbach: "Re: ProFTPd and reverse DNS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Michael S. Fischer" <michaelat_private> writes:

> Another potentially useful workaround is to configure ProFTPd to run out
> of inetd, using TCP Wrappers to enforce paranoid DNS checks.  This way
> you can have your cake and eat it too.

One can probably bypass ftpd ACLs in such configuration - it should be
possible to provide valid DNS/rDNS mapping when tcp wrapper is asking
(using short TTL) and then give ftpd some other host name.

It might be fine if you just don't want visits from unregistered hosts.
-- 
Krzysztof Halasa
Network Administrator

Next message: Anuff Joey: "Re: Insecure handling of notes in Slashcode"
Previous message: Jeroen Massar: "RE: ProFTPd and reverse DNS"
Next in thread: Karsten W. Rohrbach: "Re: ProFTPd and reverse DNS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Sep 08 2001 - 19:07:28 PDT