Reverse DNS RFCs and Recommendations

Masataka Ohta mohta at necom830.hpcl.titech.ac.jp
Sat Nov 2 02:17:34 UTC 2013


(2013/11/02 10:48), Alex Rubenstein wrote:
>>>> Not necessarily. When the CPE is configured through DHCP (or PPP?),
>>>> the ISP can send the secret.
>>>
>>> Which can be seen, in many cases, by other parties
>>
>> Who can see the packets sent from the local ISP to the CPE directly
>> connected to the ISP?
> 
> The NSA, FBI, CIA, DHS.

>> If you mind wire tapping, you have other things to worry
>> about, which needs your access line encrypted (by a manually
>> configured password), which makes DHCP packets invisible.

> Or, the ISP, the ISP's employees, contractors, sub-contractors.

If you can't trust the ISP, you can't make rDNS operated
by the ISP secure.

> Or the phone company handling the PPPOE, L2TP, or whatever else.

>> If you mind wire tapping, you have other things to worry
>> about, which needs your access line encrypted (by a manually
>> configured password), which makes DHCP packets invisible.

> Or the WiFi sniffer on the street outside.

Does your CPE retransmit a received DHCP reply to WiFi?

						Masataka Ohta




