PTR rDNS VS Localhost verification

EnthusiastXYZ

My local DHCP + DNS server can use PTR rDNS records for extra verification, but only if the same assignments are not present in the /etc/localhost file. What is a more secure way to resolve local hosts - PTR rDNS records or etc/localhost administration? What is more private?
 
Do it in the router / DNS server

Why would you need to hide rDNS info from clients on the network?

Why manage individual system hosts files... headaches are all you are asking for.
 
I just want to bind clients as much as possible to reduce chances of spoofing. That is why I use:
- DHCP Static Leases
- Static IP configured on each device
- Static ARP to each client's real MAC configured in router ARP table and local DNS ARP table
- Static ARP set each time router acquires a new public IP via DHCP (from ISP)
- Static ARP configured on some client devices (but not all because Android requires root to correctly bind ARP)
- DHCP Guarding
- Host names in local DNS server (/etc/hosts file) correspond 1:1 to client host names and their local IP addresses
- Local DNS server acts as secondary DHCP server with Static Leases bound to client MAC addresses via AdGuard Home service

Basically, there should be no room to wiggle to spoof anything!
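
An added example, not part of the thread and not any poster's code: a small audit that cross-checks the three bindings listed above (hosts file names, static leases, ARP entries) and reports where they disagree. The sample data is constructed, and the "MAC IP hostname" lease export format is an assumption; the ARP sample follows Linux `ip neigh show` output.

```python
import re

# Constructed sample data, not taken from the thread.
HOSTS = """127.0.0.1 localhost
192.168.1.10 nas
192.168.1.11 laptop
192.168.1.12 phone   # no matching lease below
"""
LEASES = """aa:bb:cc:00:00:10 192.168.1.10 nas
aa:bb:cc:00:00:11 192.168.1.11 laptop
aa:bb:cc:00:00:12 192.168.1.13 phone
"""  # assumed export format: MAC IP hostname
NEIGH = """192.168.1.10 dev eth0 lladdr aa:bb:cc:00:00:10 PERMANENT
192.168.1.11 dev eth0 lladdr de:ad:be:ef:00:01 REACHABLE
"""  # format of `ip neigh show`

def parse_hosts(text):
    """IP -> first hostname; comments and loopback entries are skipped."""
    rows = (l.split("#", 1)[0].split() for l in text.splitlines())
    return {r[0]: r[1].lower() for r in rows
            if len(r) >= 2 and not r[0].startswith("127.") and r[0] != "::1"}

def parse_leases(text):
    """IP -> (MAC, hostname) from the static-lease export."""
    rows = (l.split() for l in text.splitlines())
    return {r[1]: (r[0].lower(), r[2].lower()) for r in rows if len(r) == 3}

def parse_neigh(text):
    """IP -> (MAC, state) from neighbour-table output."""
    pat = re.compile(r"^(\S+) dev \S+ lladdr (\S+) (\S+)$", re.M)
    return {m[1]: (m[2].lower(), m[3]) for m in pat.finditer(text)}

def audit(hosts, leases, neigh):
    """Return (ip, code) pairs for every binding that does not line up."""
    out = []
    for ip, name in sorted(hosts.items()):
        if ip not in leases:
            out.append((ip, "NO_LEASE"))
        elif leases[ip][1] != name:
            out.append((ip, "NAME_MISMATCH"))
    out += [(ip, "NO_HOSTS_ENTRY") for ip in sorted(leases) if ip not in hosts]
    for ip, (mac, state) in sorted(neigh.items()):
        if ip in leases and leases[ip][0] != mac:
            out.append((ip, "MAC_MISMATCH"))   # live MAC differs from the bound one
        elif state != "PERMANENT":
            out.append((ip, "ARP_NOT_STATIC"))
    return out

if __name__ == "__main__":
    for ip, code in audit(parse_hosts(HOSTS), parse_leases(LEASES), parse_neigh(NEIGH)):
        print(ip, code)
```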
 