when will we need PTR query?

when will we need PTR query?

Post by Kirr » Thu, 12 Jun 2003 11:01:03



I checked the logs of BIND, there were many PTR queries. I want to know what
kind of application need it.

Thanks.

 
 
 

when will we need PTR query?

Post by Kirr » Thu, 12 Jun 2003 11:06:37


I checked the logs of BIND, there were many PTR queries. I want to know what
kind of application need it.

Thanks.

 
 
 

when will we need PTR query?

Post by Yiorgos Adamopoulo » Thu, 12 Jun 2003 14:32:57



> I checked the logs of BIND, there were many PTR queries. I want to know what
> kind of application need it.

A rough example:

Suppose that A web browses the contents of B.  Then B only knows the IP
address of A.  By doing a PTR query, B learns the (DNS) name of A.
--

 
 
 

when will we need PTR query?

Post by Barry Margoli » Thu, 12 Jun 2003 23:40:06





>> I checked the logs of BIND, there were many PTR queries. I want to know what
>> kind of application need it.

>A rough example:

>Suppose that A web browses the contents of B.  Then B only knows the IP
>address of A.  By doing a PTR query, B learns the (DNS) name of A.

I think the gist of his question is: why would the web server need to know
the name of A?

Hostnames tend to be used for the following:

1. Logging.  Servers often log the clients that connect to them.
   Low-volume servers do a lookup at the time of the connection and log it
   then.  High-volume servers (like busy web servers) typically log the
   address, and then when someone is analyzing the logs they may translate
   all the addresses to hostnames.

2. Access control.  Software like TCP Wrappers allow you to specify the
   hostnames that are allowed access to a server.

3. User information.  Commands like "who" on Unix show the hostname that a
   remote user is coming from.

--

Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

 
 
 

when will we need PTR query?

Post by Fernando Go » Sun, 15 Jun 2003 10:52:58



>I checked the logs of BIND, there were many PTR queries. I want to know what
>kind of application need it.

Besides the uses for PTR records that Barry pointed out, I'd add that
sniffers (like tcpdump) usually try, by default,  to convert IP
addresses to hostnames.

One of the techniques for detecting sniffers I've seen out there is to
send an arbitrary IP packet, and then watch if a DNS query for PTR
records for that address(es) is made.

--
Fernando Gont

[To send a personal reply, please remove the ANTISPAM tag]