# Disabling Reverse lookups entire system



## mikey777 (May 21, 2020)

How do I turn off reverse lookups for all system servcies ? sshd ftpd all of them.


----------



## mikey777 (May 22, 2020)

Not possible ?
Not feasable ?
Not practical ?
Would anyone like to know how little security there is in a reverse lookup ?


----------



## richardtoohey2 (May 22, 2020)

I don't think FreeBSD is what you are looking for.

All your posts are about how it doesn't work for you, or is confusing etc.

When people reply to try and help you, you carry on saying that it's confusing or wrong.


----------



## ralphbsz (May 22, 2020)

You probably should explain why you want to do that. Because in and of itself the request makes little sense. Are you trying to improve security? Use the internet incognito? Is your upstream DNS broken? Do you have to work around a particularly strange DNS setup? Improve performance?

If you want to do it system-wide, for all services, the best solution would probably be pf or a similar firewall. The problem with that is that I don't know how to disable reverse DNS lookup from servers, without also breaking regular outgoing DNS queries. I'm sure it's doable (a reverse lookup has different content), but haven't done it.

An interesting idea is: You could set up a DNS server, and deliberately (mis-) configure it to eat certain queries, and pass others through. That would be a charming and funny hack. Production worthy? I doubt it.

For sshd, it can be disabled in the sshd.config file, look at its man page and search for the string "DNS". For ftpd, I have no idea, but the man page probably explains it.


----------

