[Full-Disclosure] Full-Disclosure digest- good reverse dns server

From: Philip Stortz (madscientist_at_wyoming.com)
Date: 07/03/03

  • Next message: Ron DuFresne: "Re: [Full-Disclosure] Microsoft Cries Wolf ( again )"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 03 Jul 2003 03:43:53 -0600
    
    

    does any one know of a free reverse dns server that's good? the dns servers my isp provides frequently fail to identify the owners of ip# in my firewall log. while i do sometimes manually look them up at arin.net etc., i'd really like to find a reverse dns server to identify all those ip#, many of which are incursion attempts by dsl or dialup or cable modem users on other isp's, and many of which are advertising or tracking sites (which i aggressively block for privacy and because the ad servers tend to be overloaded and greatly slow down surfing, especially since i'm limited to dialup at present).

    I'll be setting up a hardware firewall with openbsd, and hopefully will have a local dns cache which should help, but i hope to add several extensions to the normal "pf" firewall (i.e. automatic black listing of ip's that try to incur etc. and other niceties).

    along the same lines, i'm considering getting a cable modem in the future, but of course there are security issues, are there services set up such that i could have ssl or vpn contact to a remote machine and they would reroute it to the actual destination so that my communications would be secure on the cable line (i.e. encrypted) and then routed on the backbone unencrypted to sites that don't use encryption or parts of sites that don't? if this service isn't available, it seems to me it could be a great business opportunity. for many people like myself a cable modem is the only way to get a fat internet pipe but the security/privacy issues are alarming. it seems to me that companies like att should provide secure encryption for all their cable modem users. doubtless the insecurity of cable modems leads to much of the identity theft that happens on the web, particularly with sites like ebay that have bad security to start with (i.e., the default login is insecure, you ha!
     ve to click a link to login via ssl, and currently there's no ssl for changing your password!). yes, i have complained to ebay, but shouting at walls is tiring.

    -- 
    --S363, aka Philip Stortz-- Find your number at : < http://iharder.sourceforge.net/soundex.php>< http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2003/06/08/MN253740.DTL> Maybe the real "criminals" are those who claim to be working in the interest of "National Security", the last refuge of the scoundrel...
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Ron DuFresne: "Re: [Full-Disclosure] Microsoft Cries Wolf ( again )"

    Relevant Pages

    • Re: SSL php code
      ... > Sean I am planning on exclusievely using secure pages (ssl) after the user requests to login. ... This will securely redirect to a login ...
      (comp.lang.php)
    • Re: sendmail with smtp relay authentication
      ... LOGIN PLAIN')dnl ... the mail log and also attached the auto mail response I got. ... m31N0w2T002913: return to sender: User unknown ... 505 5.0.0 Message is sent with SSL but SSL is not allowed ...
      (comp.mail.sendmail)
    • RE: Authorize.Net Plain Text Login Transmission
      ... service provider to find out personally whether or not they are vulnerable. ... Authorize.Net Plain Text Login Transmission ... > function as if you had gone to the correct SSL version of the page. ...
      (Bugtraq)
    • Re: iis 6 ssl redirect initial login encrypted?
      ... Whilst the password isn't passed using either NTLM or Kerberos, it's not necessary for an attacker to know the password. ... another login box that uses https:// ... I just need to> get ssl ...
      (microsoft.public.inetserver.iis.security)
    • Re: Google Secure Access
      ... >> email INCLUDING CLICKING ON THAT LITTLE SSL OPTION. ... Google then SENDS YOUR LOGIN DETAILS IN THE CLEAR TO YOUR ISP. ...
      (sci.crypt)