Re: [DNSOP] Proposed text for reverse-mapping-considerations draft

I think this text is helpful, to understand where the 'requirement´ for
reverse DNS entries came from.
This mechanism was  used by ftp servers to keep logs and enforce export
control on cryptographic software :-)

You may want to add a paragraph that the r* command use of reverse mapping
for security was copied/cloned by number of other protocols.

         Olafur

At 17:46 31/05/2007, John Schnizlein wrote:
>I think this background about the origin of "security" through
>reverse lookup is helpful.  Certainly not hurtful, which is what my
>old rant about its use on UUnet's FTP server might be.
>
>John
>
>On May 31, 2007, at 5:24 PM, Andrew Sullivan wrote:
>
>>Dear colleagues,
>>
>>We received a suggestion that a short section outlining the history of
>>the use of reverse mapping in security contexts would be a good thing
>>to add to the reverse-mapping-considerations draft.  I have some
>>proposed text to add.  Before I add it, I'd like to ask for comments.
>>I am hoping that this text will be relatively uncontroversial, but if
>>it proves to be more contentious than the document has been already,
>>I'll cheerfully leave it out.
>>
>>
>>
>>2.1 Historical origins of reverse mapping use in security
>>
>>.in 3
>>The growth of the Internet in the late 1980s and early 1990s brought
>>with it attackers who acquired access to machines without
>>authorization.  Many systems attached to the Internet up to that time
>>were poorly prepared for such attacks, and administrators were forced
>>to react using available resources rather than to redesign the network
>>to meet the new security challenges.
>>
>>The popular TCP Wrapper package was originally conceived to discover
>>the network location of an attacker [Venema1992].  It used the reverse
>>mapping of a connecting host to provide the hostname of that host in
>>its output.
>>
>>During the same period, the so-called "UNIX r* commands", like rlogin
>>[RFC1282] and [RFC1258], were widely used, in spite of warnings that
>>they were prone to abuse [Reid1987].  The r* commands allowed users to
>>employ a list of trusted hosts, from which connections would be
>>accepted and authenticated without password (sometimes called the
>>"rhosts authentication" mechanism).  The mechanism remained in
>>widespread use (in spite of known flaws) because of its convenience.
>>Since the list of trusted hosts was a simple list of hostnames or
>>addresses, an attacker could acquire access by intercepting the DNS
>>query for a hostname, and replying with the IP address from which the
>>attacker was making the rhosts authentication attempt.  (This was not
>>the only weakness in the mechanism, but it is the most relevant to
>>reverse mapping.)
>>
>>In an effort to strengthen the rhosts authentication mechanism, the
>>TCP Wrapper package soon offered the ability to perform reverse
>>mapping matching checks.  If the reverse and forward mappings did not
>>match, the wrapper program would terminate the connection before
>>checking any of its other permissions.  This mechanism could be used
>>for all connections, on the grounds that forward and reverse
>>mismatches were an indication either that an attack was in progress;
>>or else that the network was badly managed, and therefore a likely
>>origin for attack.
>>
>>
>>Best regards,
>>Andrew
>>
>>
>>--
>>Andrew Sullivan                         204-4141 Yonge Street
>>Afilias Canada                        Toronto, Ontario Canada
>><andrew@ca.afilias.info>                              M2P 2A8
>>jabber: ajsaf@jabber.org                 +1 416 646 3304 x4110
>>
>>_______________________________________________
>>DNSOP mailing list
>>DNSOP@ietf.org
>>https://www1.ietf.org/mailman/listinfo/dnsop
>
>_______________________________________________
>DNSOP mailing list
>DNSOP@ietf.org
>https://www1.ietf.org/mailman/listinfo/dnsop

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop