I checked the logs of BIND, there were many PTR queries. I want to know what
kind of application need it.
>A rough example:
>Suppose that A web browses the contents of B. Then B only knows the IP
>address of A. By doing a PTR query, B learns the (DNS) name of A.
Hostnames tend to be used for the following:
1. Logging. Servers often log the clients that connect to them.
Low-volume servers do a lookup at the time of the connection and log it
then. High-volume servers (like busy web servers) typically log the
address, and then when someone is analyzing the logs they may translate
all the addresses to hostnames.
2. Access control. Software like TCP Wrappers allow you to specify the
hostnames that are allowed access to a server.
3. User information. Commands like "who" on Unix show the hostname that a
remote user is coming from.
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
One of the techniques for detecting sniffers I've seen out there is to
send an arbitrary IP packet, and then watch if a DNS query for PTR
records for that address(es) is made.
[To send a personal reply, please remove the ANTISPAM tag]
9. PTR to a PTR