North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
--- "Vivien M." <[email protected]> wrote: > > -----Original Message----- > > From: [email protected] [mailto:[email protected]]On Behalf Of > > Pyda Srisuresh > > Sent: May 15, 2001 12:03 PM > > To: [email protected]; Adam McKenna > > Cc: [email protected] > > Subject: Re: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS > > > > > > Forcing hostnames and PTR's to match will also prevent people from NAT > > land accessing your servers. There are hardly any NAT implementations > > that do dynamic DNS updates. > > Your NAT implementation must not be the same as the ones I've worked with, > because with the [simple] ones I've seen, you have something like > 192.168.0.0/24 all coming out and talking to the world as 1.2.3.4 (the more > elaborate implementations give each private IP a unique outside IP, in which > case you just set up your DNS for each IP. A little more work, perhaps, > but...). Now, if 1.2.3.4 has proper matching forward/reverse DNS lookups, I > don't see how people behind someone else's NAT pose a problem. > Sure, not in the case of NAPT (assuming you have a PTR record set for 1.2.3.4). My point is merely that there may be many cases it is not so straight forward to do the DNS updates for PTR records. > Vivien > -- > Vivien M. > [email protected] > Assistant System Administrator > Dynamic DNS Network Services > http://www.dyndns.org/ > cheers, suresh __________________________________________________ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/
|