the value of reverse address lookups?

• Previous message (by thread): the value of reverse address lookups?
• Next message (by thread): the value of reverse address lookups?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 31, 2004, Douglas F. Calvert wrote:
> 
> Hello,
>  I am interested in finding out what the motivation is for requiring
> valid reverse address lookups before connecting to a daemon. I have
> heard a number of different explanations, the majority of the responses
> point to history/tradition and tcpwrappers. Is there a commonly accepted
> justification for this practice?  In my opinion it does not appear to
> increase the validity of the connection. But I may be missing something
> obvious.

if you reverse resolve, then some registry somewhere (ARIN, RIPE, APNIC, etc)
recognises that network as having 'valid' contact details and has assigned
someone reverse authority.

It stops some IP block hijackers - if you find the right peer,
you can just pop up for a bit, say "hi! I'm foo/12!", start spamming
from a few /16's worth of IPs, then drop away after an hour.

In practice, at least with IP block hijackers, they'll either
(a) hijack a smaller chunk of a registered/announced ip network, complete
    with nameservers, or
(b) they'll find a registered but un-announced ip network, with the
    in-addr authoritative nameservers inside said network, and just
    pop up for spamming there.

I think you'll find the original reasoning rooted in past history.
A few useful side-effects, like the above, have popped up so I don't
think there's much motivation to change it.

2c,



Adrian

-- 
Adrian Chadd			I'm only a fanboy if
<adrian at creative.net.au>	    I emailed Wesley Crusher.

			

• Previous message (by thread): the value of reverse address lookups?
• Next message (by thread): the value of reverse address lookups?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]