TCP IP Illustrated

Some servers require the clients ip address to have a

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: esolver to the name server for a pointer query is not a 32-bit IP address, but the domain name Hostname Spoofing Check When an IP datagram arrives at a host for a server, be it a UDP datagram or a TCP connection request segment, all that's available to the server process is the client's IP address and port number (UDP or TCP). Some servers require the client's IP address to have a pointer record in the DNS. We'll see an example of this, using anonymous FTP from an unknown IP address, in Section 27.3. Other servers, such as the Rlogin server (Chapter 26), not only require that the client's IP address have a pointer record, but then ask the DNS for the IP addresses corresponding to the name returned in the PTR response, and require that one file:///D|/Documents%20and%20Settings/bigini/Docu.../homenet2run/tcpip/tcp-ip-illustrated/dns_the.htm (11 of 18) [12/09/2001 14.47.06] Chapter 14. DNS: The Domain Name System of the returned addresses match the source IP address in the received datagram. This check is because entries in the .rhosts file (Section 26.2) contain the hostname, not an IP address, so the server wants to verify that the hostname really corresponds to the incoming IP address. Some vendors automatically put this check into their resolver routines, specifically the function gethostbyaddr. This makes the check available to any program using the resolver, instead of manually placing the check in each application. We can see an example of this using the SunOS 4.1.3 resolver library. We have written a simple program that performs a pointer query by calling the function gethostbyaddr. We have also set our /etc/resolv.conf file to use the name server on the host, which is across the SLIP link from the host sun. Figure 14.13 shows the tcpdump output collected on the SLIP link when the function gethostbyaddr is called to fetch the name corresponding to the IP address (our host sun). 1 0.0 2 0.339091 (0.3391) 3 0.344348 (0.0053) 4 0.669022 (0.3247) sun. 1812 > 1+ PTR? 29....
View Full Document

This test prep was uploaded on 04/04/2014 for the course ECE EL5373 taught by Professor Guoyang during the Spring '12 term at NYU Poly.

Ask a homework question - tutors are online