Currently, we have the TrendMicro-NAV running in the DMZ. What are the pros and cons of enabling reverse DNS? And where can I find some supporting documentation?
One advantage is that some programs will allow you to refuse a connection if the reverse DNS does not match the forward DNS. It is another level of security that can be added, and can also be useful for logging purposes. You can, however, do a reverse DNS lookup using the "dnsname" command or simply by pinging the address. Most people agree that this is more of a headache than a help. There are other security means that are not such a pain. The matching between the forward and reverse DNS is set by the application to either match within a period of time or timeout. This can leave a workstation "hung" for a period of time. Further, DNS configuration errors can cause a 4 aspirin headache. You can find further information on this topic at IETF's website
and do a keyword search. There is also information on most of the active equipment manufacturer's sites that offer tech support or knowledge bases.
This was last published in July 2003
Dig Deeper on IP Networking
Voicemail capabilities have evolved since the early days of answering machines. Learn what voicemail is and how features have advanced as the ...
Tracking E911 location information can be tricky when moving telephony to the cloud. But organizations have a few options to ensure that emergency ...
Proper SBC configuration requires partnering with providers and security teams to examine circuits and potential traffic. Learn the best practices ...