Mailing List Archive


Re: [tlug] Slooooooow down: logs, smartctl, DNS? [SOLVED?]

>> So it is more than just for logging. But what security hole, if
>> any, is being opened by switching [sshd's UseDNS] off? Is the
>> answer different for a server on a LAN, and one that is listening
>> on a global IP?
> The security hole is the same in both cases; an attacker may be able 
> to spoof a machine where authorized users are supposed to exist from
> a machine where they should not.

A bit of googling on "address spoofing SSH" says it won't work; even if
you say you are the server will reply to the real, not
to you.

Taking the LAN case, if machine A only allows SSH access from machine B
(, and I found a way to get root access on machine C on that
LAN, and gave machine C an additional IP of I can see how it
might work. But I still don't see how a DNS lookup changes anything: if
I can change the IP address on machine C I can also change the hostname.

(I realize I must be misunderstanding something, somewhere, or sshd
wouldn't have the UseDNS option :-)


Darren Cook, Software Researcher/Developer (About me and my work) (My blogs and articles)
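
As an added illustration (not part of the original post, and not OpenSSH's code): a simplified Python model of the reverse-then-forward lookup that sshd performs when UseDNS is enabled, and of what host-based patterns are compared against in each mode. The DNS tables, documentation-range addresses, function names and exact-match patterns are assumptions of this sketch.

```python
# Constructed DNS data: documentation addresses (RFC 5737) and example.com names.
PTR = {                                  # reverse zone: set by whoever runs the IP block
    "192.0.2.10": "b.example.com",       # the genuine machine B
    "198.51.100.7": "b.example.com",     # a different address whose PTR claims to be B
    "203.0.113.5": "c.example.com",
}
A = {                                    # forward zone: set by the owner of example.com
    "b.example.com": {"192.0.2.10"},
    "c.example.com": {"203.0.113.5"},
}


def verified_name(client_ip, ptr=PTR, a=A):
    """Return the PTR name only if its forward lookup maps back to client_ip."""
    name = ptr.get(client_ip)
    if name is None:
        return None                      # no reverse record at all
    if client_ip not in a.get(name, set()):
        return None                      # reverse claim not confirmed by forward zone
    return name


def peer_identity(client_ip, use_dns):
    """The string a host-based pattern is matched against for this connection."""
    if use_dns:
        # Fall back to the bare address when the name cannot be confirmed.
        return verified_name(client_ip) or client_ip
    return client_ip                     # UseDNS off: names are never considered


def allowed(client_ip, pattern, use_dns):
    """Simplified exact-match stand-in for a host or address pattern."""
    return peer_identity(client_ip, use_dns) == pattern


if __name__ == "__main__":
    for ip in PTR:
        for use_dns in (True, False):
            print(ip, "UseDNS", "yes" if use_dns else "no", "->",
                  peer_identity(ip, use_dns))
```

In this model a hostname pattern only ever matches with UseDNS on and a confirmed forward record; with UseDNS off, restrictions have to be written as addresses.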
