On Fri, Mar 22, 2002 at 11:44:45AM -0300, kratz wrote: > For aplications based on TCPD is ease, only enable tcp-paranoid in to > file /etc/hosts.deny. > ALL:PARANOD.
Actually this is a simple DNS double lookup (normal / Reverse). This can prevent DNS Spoofing (most of the time it can also prevent legal use), but it is not working on the IP-Spoofing level. Using tcpd to protect based on source ip is risky, using it to protect based on domain names is foolish. Greetings Bernd
