Whenever I SSH somewhere I get something like this in the logs:
sshd[16734]: reverse mapping checking getaddrinfo for
1.2.3.4.crummyisp.net [1.2.3.4] failed - POSSIBLE BREAK-IN ATTEMPT!
And it is right: if I do host 1.2.3.4
it returns 1.2.3.4.crummyisp.net
,
but if I do host 1.2.3.4.crummyisp.net
it is not found.
I have two questions:
What security threat is there? How could anyone fake a one-way DNS in some threatening way?
Do I have any recourse for fixing this? I'll send my ISP a bug report, but who knows where that'll go.