[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Duplicating a coroutine
- From: Mouse <mouse@...>
- Date: Thu, 20 Jul 2023 22:12:11 -0400 (EDT)
>> Oddly, [www.inf.puc-rio.br] doesn't answer pings, and mtr to it gets
>> to 139.82.59.22, which has forged rDNS, before failing. Maybe the
>> machine is sick?
> rDNS looks sane to me, though: [...]
I no longer recall precisely what I saw. But, now, I see 139.82.16.205
as fine; it reverse-resolves to ogum.inf.puc-rio.br, which
forward-resolves to 139.82.16.205.
But 139.82.59.22 has forged rDNS now: it reverse-resolves to
rdc3.rdc.puc-rio.br and nothing else, but rdc3.rdc.puc-rio.br
forward-resolves to 139.82.181.59 and nothing else. (Whether "forged"
is the most appropriate term in this case is debatable - I suspect it
is not malicious in this case - but the forward DNS crosscheck _is_ the
canonical test for rDNS forgery, and in this case it fails. Various
software will disbelieve the rDNS if, upon mapping the address to a set
of names, then mapping each name to a set of addresses and taking the
union of those sets of addresses, the original address isn't found in
the resulting set of addresses. In this case each set is of size one,
but each set can have size from 0 upwards, and I've seen unusual cases
often enough.)
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse@rodents-montreal.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B