What are the pros and cons of enabling reverse DNS?

Currently, we have the TrendMicro-NAV running in the DMZ. What are the pros and cons of enabling reverse DNS? And where can I find some supporting documentation?

One advantage is that some programs will allow you to refuse a connection if the reverse DNS does not match the forward DNS. It is another level of security that can be added, and it can also be useful for logging purposes. You can, however, do a reverse DNS lookup using the "dnsname" command or simply by pinging the address. Most people agree that this is more of a headache than a help. There are other security means that are not such a pain. The matching between the forward and reverse DNS is set by the application to either match within a period of time or time out. This can leave a workstation "hung" for a period of time. Further, DNS configuration errors can cause a four-aspirin headache. You can find further information on this topic at the IETF's website, www.ietf.org, by doing a keyword search. There is also information on most of the active equipment manufacturers' sites that offer tech support or knowledge bases.

This was first published in July 2003
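
The forward/reverse match described in the answer, with a bounded wait so a slow resolver cannot hang the caller, as an added example that is not part of the original answer. The function names, verdict strings and sample records are assumptions made for illustration; the records use documentation address ranges and are constructed.

```python
import ipaddress
import socket
import time
from concurrent.futures import ThreadPoolExecutor, TimeoutError as LookupTimeout

def system_reverse(ip):
    return socket.gethostbyaddr(ip)[0]             # PTR lookup: address -> name

def system_forward(name):
    return {ai[4][0] for ai in socket.getaddrinfo(name, None)}  # name -> addresses

def fcrdns_check(ip, timeout=2.0, reverse=system_reverse, forward=system_forward):
    """Return (verdict, name); verdict is match, mismatch, no-ptr or timeout."""
    def lookup():
        try:
            name = reverse(ip)
        except OSError:                            # herror/gaierror: no PTR record
            return "no-ptr", None
        try:
            addrs = {ipaddress.ip_address(a) for a in forward(name)}
        except (OSError, ValueError):              # PTR name does not resolve
            return "mismatch", name
        verdict = "match" if ipaddress.ip_address(ip) in addrs else "mismatch"
        return verdict, name
    pool = ThreadPoolExecutor(max_workers=1)
    try:
        # Bound the total wait so a slow or broken resolver cannot hang the caller.
        return pool.submit(lookup).result(timeout=timeout)
    except LookupTimeout:
        return "timeout", None
    finally:
        pool.shutdown(wait=False)

# Constructed records for an offline run (hypothetical names, not real hosts).
PTR = {"192.0.2.10": "mail.example.test", "192.0.2.20": "www.example.test"}
A = {"mail.example.test": {"192.0.2.10"}, "www.example.test": {"198.51.100.7"}}

def fake_reverse(ip):
    if ip not in PTR:
        raise socket.herror(1, "Unknown host")
    return PTR[ip]

def fake_forward(name):
    return A.get(name, set())

def slow_reverse(ip):
    time.sleep(0.5)                                # simulates an unresponsive resolver
    return fake_reverse(ip)

if __name__ == "__main__":
    for addr in ("192.0.2.10", "192.0.2.20", "192.0.2.30"):
        print(addr, fcrdns_check(addr, reverse=fake_reverse, forward=fake_forward))
    print(fcrdns_check("192.0.2.10", 0.1, reverse=slow_reverse, forward=fake_forward))
```

Treating `no-ptr` and `timeout` as separate verdicts lets a policy log or soft-fail them instead of rejecting outright, which limits the impact of the DNS configuration errors the answer warns about.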