On Fri, Jan 11, 2002 at 12:11:13AM +0100, martin f krafft wrote: > > If a host does not match its IP, your system SHOULD deny it access. > > i actually disagree. (a) these days, many run their own DNS even though > the IP belongs to someone else and is only leased to a "home user". (b) > you wouldn't believe how many DNS admins don't grasp reverse resolution, > how many have misconfigured it (or not configured it at all), and how > many times it just simply fails because of that reason even though it's > a legit request.
i can only speak from my limited experience. i have found these measures to work, therefore i practice them. of course, one would agree to disagree. Sam -- (Sam Varghese) http://www.gnubies.com Software industry: unique industry where selling substandard goods is legal and you can charge extra for fixing the problems.
