Results 1 to 4 of 4

Thread: host.conf entries

  1. #1
    Join Date
    Dec 2008
    Location
    Montana, USA
    Posts
    676

    Default host.conf entries

    I was reading a chapter in an administrator's guide and was caught by the entries shown by the author's version of his /etc/host.conf file. He shows two entries that caught my attention: spoofalert and nospoof. Neither of these entries have a following value, so they would use the default values.

    Looking at the man page, I find that the default values are OFF for both these keywords. It seems that the inclusion then would be unnecessary. Am I correct in this assumption?

    And, why would these keywords not be included and turned on? It would seem to be advantageous from a security standpoint. But then, the openSuse team would have most likely included them as a default, wouldn't they?

    Obviously, I'm not understanding this situation. Can someone provide an explanation, or point me to a place where I can find an explanation?

    Bart

  2. #2
    Join Date
    May 2012
    Location
    Finland
    Posts
    2,187

    Default Re: host.conf entries

    Because it's next-to-useless, for a simple explanation;
    http://www.rackaid.com/blog/hostconf...-to-web-hosts/
    .: miuku @ #opensuse @ irc.libera.chat

  3. #3
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    15,673
    Blog Entries
    3

    Default Re: host.conf entries

    Quote Originally Posted by montana_suse_user View Post
    Can someone provide an explanation, or point me to a place where I can find an explanation?
    20 years ago, I was using "rlogin" and "rsh" to connect to other computers in the local network. The file "/etc/hosts.equiv" listed which machines I could rlogin to without a password. The fact that I was logged into my own machine, and that it was listed in "/etc/hosts.equiv" on the destination provided a kind of weak authentication.

    That weak authentication can be spoofed. The question is whether DNS should do some extra looks to try to identify possible spoofing. This check was never foolproof.

    These days, I use only "ssh" and related commands. And they provide better checking with the ssh host key. So the spoofing check is no longer useful. Worse, it gives false positives in todays environment with NAT routers. And it does otherwise unneeded DNS lookups. And "rlogin" is no longer part of a standard install.

    So the spoofing check is a relic from the past. It is not needed.
    openSUSE Leap 15.3; KDE Plasma 5.18.6;

  4. #4
    Join Date
    Dec 2008
    Location
    Montana, USA
    Posts
    676

    Default Re: host.conf entries

    Thank you! That is what I was really looking for, an explanation of why it wasn't done by the openSuse team. Hope someone else can use this info too!


    Bart

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •