[22572] in bugtraq
Re: ProFTPd and reverse DNS
daemon@ATHENA.MIT.EDU (Noah)
Sat Sep 8 04:00:29 2001
Date: Sat, 8 Sep 2001 02:35:34 -0400 (EDT)
From: Noah <sitz@onastick.net>
To: "Michael S. Fischer" <michael@dynamine.net>
Cc: "Matthew S . Hallacy" <poptix@techmonkeys.org>,
<bugtraq@securityfocus.com>
In-Reply-To: <20010907171614.A23062@dynamine.net>
Message-ID: <Pine.LNX.4.32.0109080234020.5828-100000@stanis.onastick.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Fri, 7 Sep 2001, Michael S. Fischer wrote:
> On Fri, Sep 07, 2001 at 03:38:27PM -0600, Matthew S . Hallacy wrote:
>
> > Recently while browsing through security logs I noticed that quite a
> > few of the hosts connecting to the machine did not resolve, I've
> > checked into it, and apparently ProFTPd does not check forward to
> > reverse DNS mappings, and only resolves the IP address connecting.
[snip]
> Another potentially useful workaround is to configure ProFTPd to run out
> of inetd, using TCP Wrappers to enforce paranoid DNS checks. This way
> you can have your cake and eat it too.
Alternatively, one could use mod_wrap:
http://rad.geology.washington.edu/~tj/proftpd/
Cheers,
Noah
