Robert Watson <rob...@cyrus.watson.org> writes:

> I'd actually like to see wtmp only use IP addresses, never hostnames. 
> Spoofed names are fairly easy to arrange; with IP filtering on border
> routers, spoofed IPs are harder....
> This of course sticks you with the task of DNS
> lookups when viewing wtmp, when you may already have done them at login
> time....
The 'finger', 'who', and 'w' commands on the SunOS machines here all do
DNS lookups for longer hostnames, and it's rare that there is any
significant DNS lookup delay.  The reasons are simple:  The lookup was
done when the user logged in, so the DNS server has the answer in its
cache.  And even if not, if anybody did finger/who/w in the recent past,
that caused the answer to be brought into the name server's cache.

(I do run BIND with negative caching enabled, which probably helps keep
delays short for reverse lookups where some name server is not
responding.)

Rahul


To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-current" in the body of the message

Reply via email to