Date: Thu, 24 Sep 1998 22:10:15 -0500 From: Kris Kirby <kris@airnet.net> To: Mark Murdock <fee@tetrahome.tetranet.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: resolving ips? (fwd) Message-ID: <360B0997.92CE5586@airnet.net> References: <Pine.BSD/.3.91.980924000827.28488A-100000@tetrahome.tetranet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murdock wrote: > Yet another question for freebsd network experts: <ahem> Suddenly, I feel I should *not* be the one answering this. > When I try to telnet to an ip address, my system attempts to contact my > name servers in my /etc/resolv.conf file. I was actually unable to telnet > to an ip due to this when my ipfw configuration was blocking udp on 53. I haven't looked over IPFW, but generally I allow all out-bound connections. It seems to do the job, and they'd have to crack me to put up a backdoor. I limit incoming connections severely though. There is never enough security. > Why consult the resolver? Why not just make your connection based on the > kernel routing tables? <KIDDING> I lie awake at night and ponder the same thing... </KIDDING> I have a few machines on a LAN. They like to talk. They like to email me, at my main computer. So I put up a DNS (named) that gets killed in my ppp.linkup, and a caching DNS started. When the ppp link goes down, so does the caching DNS. The trick behind that idea was making my local DNS primary, which meant that it *had* to be killed. Otherwise I wouldn't be able to access ML.ORG. That's who I "locally" DNS for. My .ml.org. machines actually coincide with real names / addresses. You just can't telnet to them because they don't exist (using the 10 domain). But all is fine and dandy on my side of the firewall :). -- Kris Kirby UAH Mail <kirbyk@email.uah.edu> UAH CS <kkirby@cs.uah.edu> Home <kris@airnet.net> WWW <nomurphy@hotmail.com> ------------------------------------------- TGIFreeBSD... 'Nuff said. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?360B0997.92CE5586>