Dear colleagues,
We received a suggestion that a short section outlining the history of
the use of reverse mapping in security contexts would be a good thing
to add to the reverse-mapping-considerations draft. I have some
proposed text to add. Before I add it, I'd like to ask for comments.
I am
I think this background about the origin of "security" through
reverse lookup is helpful. Certainly not hurtful, which is what my
old rant about its use on UUnet's FTP server might be.
John
On May 31, 2007, at 5:24 PM, Andrew Sullivan wrote:
Dear colleagues,
We received a suggestion that
I think this text is helpful, to understand where the 'requirement´ for
reverse DNS entries came from.
This mechanism was used by ftp servers to keep logs and enforce export
control on cryptographic software :-)
You may want to add a paragraph that the r* command use of reverse mapping
for secu
On Thu, 31 May 2007, Olafur Gudmundsson wrote:
>
> I think this text is helpful, to understand where the 'requirement´
> for reverse DNS entries came from. This mechanism was used by ftp
> servers to keep logs and enforce export control on cryptographic
> software :-)
I don't know of anyone ever
On Thu, 31 May 2007, Andrew Sullivan wrote:
>
> The popular TCP Wrapper package was originally conceived to discover
> the network location of an attacker [Venema1992]. It used the reverse
> mapping of a connecting host to provide the hostname of that host in
> its output.
No. Early TCP wrappers
