[43] in bugtraq
Re: Internet Worm
daemon@ATHENA.MIT.EDU (F. L. Charles Seeger III)
Tue Oct 18 23:41:20 1994
From: seeger@cis.ufl.edu (F. L. Charles Seeger III)
Date: Tue, 18 Oct 1994 21:09:46 -0400
In-Reply-To: jim@Tadpole.COM <9410181857.AA16440@chiba>
To: jim@Tadpole.COM, perry@imsi.com, schwartz@galapagos.cse.psu.edu
Cc: bugtraq@fc.net, jmb@kryten.Atinc.COM
+------ jim@Tadpole.COM wrote (Tue, 18-Oct-94, 13:57 -0500):
|
| Sun (at least in SunOS 4) didn't do any "mucking about" with
| libresolv and YP in libc.
Wrongo!. Sun changed the semantics of the gethostbyaddr() resolver
function and changed several programs, including rlogin, to depend
on the changed semantics for security.
The change has gethostbyaddr() checking its result with a call to
gethostbyname(), i.e. checking that the DNS has both a PTR record
and a matching A record for that IP address and associated host name.
The intent is to prevent spoofing. IMHO, this ought to be done
either in the application program or in a separate library call.
Regards,
Chuck
