FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 09-27-2010, 08:19 AM
Zhang Weiwu
 
Default loose access control that works for dynamic IP address

Hello.

I need rather loose security that the server daemon offer services on a
TCP port, allow/deny a client's tcp incoming connection based on a FQDN.
The problem being the ip address of the FQDN is a dynamic one of the
same host, changing once per three days.

I know both IP table and tcpd can manage allow/deny rule based on IP
addresses, but can they do so with a FQDN that maps to dynamic IP address?

Thanks in advance!

P.S. I am totally aware of the security risk of authenticating a client
based on its FQDN, including being aware of attacks based on DNS
spoofing. If you usually insist on either solid security or no security,
please kindly ignore this post.

Best.
Zhang Weiwu


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4CA053A8.4010304@realss.com">http://lists.debian.org/4CA053A8.4010304@realss.com
 
Old 09-27-2010, 08:22 AM
Zhang Weiwu
 
Default loose access control that works for dynamic IP address

On 2010年09月27日 16:19, Zhang Weiwu wrote:
> The problem being the ip address of the FQDN is a dynamic one of the
> same host, changing once per three days.
>
In case I wasn't clear with the above explanation: with dynamic IP
address, dns reverse-lookup won't work.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4CA0545C.5050605@realss.com">http://lists.debian.org/4CA0545C.5050605@realss.com
 
Old 09-27-2010, 08:54 AM
Scott Ferguson
 
Default loose access control that works for dynamic IP address

On 27/09/10 18:19, Zhang Weiwu wrote:
> Hello.
>
> I need rather loose security that the server daemon offer services on a
> TCP port, allow/deny a client's tcp incoming connection based on a FQDN.
> The problem being the ip address of the FQDN is a dynamic one of the
> same host, changing once per three days.
>
> I know both IP table and tcpd can manage allow/deny rule based on IP
> addresses, but can they do so with a FQDN that maps to dynamic IP address?
>
> Thanks in advance!
>
> P.S. I am totally aware of the security risk of authenticating a client
> based on its FQDN, including being aware of attacks based on DNS
> spoofing. If you usually insist on either solid security or no security,
> please kindly ignore this post.
>
> Best.
> Zhang Weiwu
>
>

Would dyn-dns help?


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4CA05BB1.4020207@gmail.com">http://lists.debian.org/4CA05BB1.4020207@gmail.com
 

Thread Tools




All times are GMT. The time now is 06:27 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org