[77853] in North American Network Operators' Group
Collecting PTR names or IP addresses (Was: Re: IRC Bot list (cross
daemon@ATHENA.MIT.EDU (Ketil Froyn)
Fri Feb 11 10:48:58 2005
From: Ketil Froyn <kfroyn@gnr.com>
To: nanog@nanog.org
In-Reply-To: <Pine.GSO.4.58.0502082012540.6191@kungfunix.net>
Date: Fri, 11 Feb 2005 15:45:52 +0000
Errors-To: owner-nanog-outgoing@merit.edu
> > http://www.albany.edu/~ja6447/hacked_bots8.txt
Isn't it a good idea to collect the IP addresses rather than the ptr
name? For instance, if I were an evil person in control of the ptr
record of my own IP, I could easily make the name something like
1-2-3-4.dsl.verizon.net, and if you didn't collect my IP, you can never
be sure you got the right details!
Something like this is probably not very widespread (has anyone seen it
in practice?), but I still think that for tracking purposes, ptr records
are useless. IMHO.
Ketil
