[PLUG] auth.log
Chris Jantzen
chris at maybe.net
Sun Mar 14 21:38:11 UTC 2004
On Sun, Mar 14, 2004 at 08:29:59PM -0800, Chris Jantzen wrote:
> On Sun, Mar 14, 2004 at 07:39:31PM -0800, Marv wrote:
> > What is "reverse mapping checking getaddrinfo for
> > 66-42-36-140.sttl.dial.netzero.com" all about??
>
> Do "host 66-42-36-140.sttl.dial.netzero.com" (or nslookup or dig or
> whatever's appropriate) and it'll return an ip address. Then do "host
> xx.xx.xx.xx" on that ip address. If they don't match, the isp is doing
> something wrong, or someone who controls their reverse lookup was
> trying to take advantage of host-based authentication (which you
> shouldn't do anyways) to break in. If they do match, your DNS server
> may have had a hiccup, or they "cleaned up their act". The benign
> answers (incompetent isp and dns hiccup) are, unfortunately, the most
> likely answers. ("Unfortunately", in that it's a bit like Chicken
> Little.)
(Or I could do this myself. But the explanation should help you.)
omoikane:~$ host 66.42.36.140
140.36.42.66.in-addr.arpa domain name pointer 66-42-36-140.sttl.dial.netzero.com.
omoikane:~$ host 66-42-36-140.sttl.dial.netzero.com
Host 66-42-36-140.sttl.dial.netzero.com not found: 3(NXDOMAIN)
Definitely a case of incompetent isp.
--
chris kb7rnl =->
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20040314/a658f956/attachment.asc>
More information about the PLUG
mailing list