tlug.jp Mailing List Archive

Re: [tlug] Slooooooow down: logs, smartctl, DNS? [SOLVED?]
- Date: Wed, 19 Jan 2011 14:15:23 +0900
- From: "Stephen J. Turnbull" <stephen@example.com>
- Subject: Re: [tlug] Slooooooow down: logs, smartctl, DNS? [SOLVED?]

Darren Cook writes:

 > The manual ([1]) says:
 >   UseDNS  Specifies whether sshd should look up the remote
 >           host name and check that the resolved host name for the
 >           remote IP address maps back to the very same IP address.
 >           The default is yes.
 >
 > So it is more than just for logging. But what security hole, if any, is
 > being opened by switching it off? Is the answer different for a server
 > on a LAN, and one that is listening on a global IP?

It makes address spoofing a little bit easier. In Dave's applications, which AIUI are all intranet, I would prefer to set up bind or /etc/hosts locally, and have an internal DNS that works correctly, but not for security reasons.

The security hole is the same in both cases; an attacker may be able to spoof a machine where authorized users are supposed to exist from a machine where they should not. Obviously, if there are direct routes to the Internet you've dramatically increased the possibility of spoofing. If it's all on the LAN you should be safer, but for example if Dave were seeing connections from a server box that shouldn't have any active users on it, that would clue him that his LAN has been subverted (perhaps by his daughter downloading AKB48 songs or something like that).
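
The check that the quoted manual text describes (reverse lookup, then a forward lookup that must map back to the same address), as an added example that is not part of the original message and not OpenSSH's code. The host names, addresses and records are constructed, and the resolver functions are injectable so the sample runs offline.

```python
import ipaddress
import socket

def system_reverse(ip):
    """PTR lookup via the system resolver; returns a host name or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(name):
    """A/AAAA lookup via the system resolver; returns a set of address strings."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def check_peer(ip, reverse=system_reverse, forward=system_forward):
    """Return (verdict, name_to_log); verdict is verified, no-ptr or mismatch."""
    peer = ipaddress.ip_address(ip)
    name = reverse(ip)
    if not name:
        return ("no-ptr", ip)
    # Whoever controls the reverse zone for this address chooses the PTR name,
    # so the name is only a claim until the forward lookup confirms it.
    addrs = set()
    for text in forward(name):
        try:
            addrs.add(ipaddress.ip_address(text))
        except ValueError:
            continue  # skip anything that does not parse as an address
    if peer in addrs:
        return ("verified", name.rstrip(".").lower())
    return ("mismatch", ip)  # log the bare address, not the unconfirmed name

# Constructed records: documentation address ranges, hypothetical host name.
PTR = {"192.0.2.10": "ws1.lan.example", "198.51.100.7": "ws1.lan.example"}
A = {"ws1.lan.example": {"192.0.2.10"}}

def demo():
    """Run the check over the constructed records above."""
    ips = ("192.0.2.10", "198.51.100.7", "203.0.113.5")
    return {ip: check_peer(ip, PTR.get, lambda n: A.get(n, set())) for ip in ips}

if __name__ == "__main__":
    for ip, result in demo().items():
        print(ip, result)
```

With UseDNS off, sshd skips this lookup, so host-name patterns in `from=` (authorized_keys) and `Match Host` (sshd_config) no longer match; only addresses do.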