Opinions about SSH and DNS - Discuss - lists.centos.org

List overview All Threads
Download

Opinions about SSH and DNS

RE: [CentOS] Hourly restart

saslauthd for sendmail SMTP relay

Clint Dilks

26 May 2008 26 May '08

1:23 a.m.

Hi People,

As part of securing SSH we currently have UseDNS set to yes. But we are finding that a number of ISP's are deliberately refusing to configure matching forward and reverse DNS records. So I am wondering how many of you are still using this option?

Reply

Show replies by date

Bill Campbell

26 May 26 May

1:40 a.m.

On Mon, May 26, 2008, Clint Dilks wrote:

Hi People,

As part of securing SSH we currently have UseDNS set to yes. But we are finding that a number of ISP's are deliberately refusing to configure matching forward and reverse DNS records. So I am wondering how many of you are still using this option?

The main utility of using DNS is in conjunction with tcp_wrappers where one wants to use host/domain names in /etc/hosts.allow.

IHMO, competent ISPs will handle DNS forward and reverse properly.

Unfortunately there are a lot of incompetents who purport to be ISPs.

Bill

-- INTERNET: bill@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax: (206) 232-9186 A government which robs Peter to pay Paul can always depend on the support of Paul -- George Bernard Shaw

Reply

6046

Age (days ago)

6046

Last active (days ago)

discuss@lists.centos.org

1 comments

2 participants

tags (0)

participants (2)

Bill Campbell
Clint Dilks