Reverse Mapping Checking Addrinfo
Posted: Sun May 08, 2011 5:10 pm
Hi,
I got someone trying to knock on my servers door today with a spoof domain or something and am wondering :
a) Why does reverse mapping checking addrinfo for reserve.cableplus.com.cn fail ?
Do I need to set somthing up to deal with this failure and would a sledgehammer response be to use geo block to lock off china from the list of 'weclome' visitors?
That reserve.cableplus.com.cn address is listed in the blocklist and whilst ips are added from the blocklist to the blacklist, this duff hostname cannot.
What happens to the attacking hostname as no ip can be resolved - Can this break something or allow the attacker to comeback again as no ip has been entered to identify them ?
Any advice on a way to get around this or tighten my side of things up to being nice and smooth in relation to these events.
Does this - http://atomicorp.com/forums/viewtopic.p ... se+mapping bear any relevance to my problem ?
Thanks in advance
I got someone trying to knock on my servers door today with a spoof domain or something and am wondering :
a) Why does reverse mapping checking addrinfo for reserve.cableplus.com.cn fail ?
Do I need to set somthing up to deal with this failure and would a sledgehammer response be to use geo block to lock off china from the list of 'weclome' visitors?
That reserve.cableplus.com.cn address is listed in the blocklist and whilst ips are added from the blocklist to the blacklist, this duff hostname cannot.
What happens to the attacking hostname as no ip can be resolved - Can this break something or allow the attacker to comeback again as no ip has been entered to identify them ?
Any advice on a way to get around this or tighten my side of things up to being nice and smooth in relation to these events.
Does this - http://atomicorp.com/forums/viewtopic.p ... se+mapping bear any relevance to my problem ?
Thanks in advance