Collecting PTR names or IP addresses (Was: Re: IRC Bot list (cross posting))

Gadi Evron gadi at tehila.gov.il
Mon Feb 14 09:31:33 UTC 2005


> 	PTR records are just as pointless as A records...
> 	in a secured DNS hierarchy, this is less of an issue

We are not quite there yet, are we?

> 	since you have to spoof the entire delegation chain.
> 	so either trust the DNS (both forward and reverse)
> 	or not.  For forensics, collect the DNS labels and the
> 	IP addresses associated w/ them.
> 
> 	and yes, i have seen DNS spoofing in the wild, both A
> 	and PTR, although A spoofing is much more pronounced.

Question is, why bother and spoof?
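
An added example, not part of the original post: one way to follow the quoted advice to collect both the DNS labels and the IP addresses for forensics, storing the PTR names, the A records each name resolves to, and whether the two agree. The lookup tables are constructed sample data standing in for live queries, and the function and field names are assumptions.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed sample data (documentation address ranges and example domains),
# standing in for live lookups so the example runs offline.
PTR = {
    "192.0.2.10": ["mail.example.net."],
    "192.0.2.20": ["www.example.org."],   # PTR claims a name...
    "192.0.2.30": [],                     # no PTR published
}
A = {
    "mail.example.net.": ["192.0.2.10"],
    "www.example.org.": ["198.51.100.7"],  # ...whose A record points elsewhere
}

def collect(ip, ptr_lookup=PTR.get, a_lookup=A.get, now=None):
    """Record PTR names for ip, the A addresses of each name, and a verdict.

    The verdict is only a consistency check between reverse and forward data;
    the raw answers are kept so they can be re-examined later.
    """
    ip = str(ipaddress.ip_address(ip))    # normalise, reject malformed input
    names = ptr_lookup(ip) or []
    forward = {n: sorted(a_lookup(n) or []) for n in names}
    if not names:
        verdict = "no-ptr"
    elif any(ip in addrs for addrs in forward.values()):
        verdict = "forward-confirmed"
    else:
        verdict = "mismatch"
    return {
        "observed_at": (now or datetime.now(timezone.utc)).isoformat(),
        "ip": ip,
        "ptr": list(names),
        "forward": forward,
        "verdict": verdict,
    }

if __name__ == "__main__":
    for addr in PTR:
        print(collect(addr))
```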


