[48] in bugtraq
Re: Internet Worm
daemon@ATHENA.MIT.EDU (jim@Tadpole.COM)
Wed Oct 19 14:32:03 1994
From: jim@Tadpole.COM
Date: Wed, 19 Oct 1994 11:07:59 -0500
To: ccsis@bath.ac.uk, seeger@cis.ufl.edu
Cc: bugtraq@fc.net
> When ypserv doesn dns lookups on behalf of its clients with the -b hack,
> it is using libresolv, so this case also involves Sun's mucking.
Ok, I've always been speaking about libc(shared or not) here,
and at least two of you are now speaking about libresolv.a.
Was I confused, or did someone change the subject?
Yes, the gethostbyaddr() call in libresolv has the reverse lookup.
No, its done in a different place inside ypserv. ypserv has its
own, special version of the resolver library, and does:
if (!found_addr) { /* weve been spoofed */
syslog(LOG_CRIT, "nres_gethostbyaddr: %s != %s",
temp->name, inet_ntoa(temp->theaddr));
theans = NULL;
temp->h_errno = HOST_NOT_FOUND;
}
in nres_dorecv().
Jim
