Checking for a fully qualified host name for Linux systems
This topic provides information on how to verify a fully qualified host name for Linux®.
About this task
/etc/host.conf
file specifies how names
are resolved. The entries in the /etc/host.conf
file tell
the resolver library what services to use, and in what order, to resolve names.
Edit the host.conf
file using the vi editor to add
the following lines: # Lookup names through DNS first then fall back to /etc/hosts.
order bind,hosts
# Machines with multiple IP addresses.
multi on
# Check for IP address spoofing.
nospoof on
The order option indicates the order of services.
The sample entry specifies that the resolver library should first consult
the name server to resolve a name and then check the /etc/hosts
file.
It is recommended to set the resolver library to first check the name server, bind
file,
and then the hosts
file (hosts) for better performance and
security on all your servers. You must have the DNS and BIND software installed
for this configuration to work.
The multi option determines
whether a host in the /etc/hosts
file can have multiple IP
addresses. Hosts that have more than one IP address are said to be multihomed,
because the presence of multiple IP addresses implies that the host has several
network interfaces.
The nospoof option takes care of not permitting spoofing on this machine. IP-Spoofing is a security exploit that works by tricking computers into a trust relationship that you are someone that you really are not. In this type of attack, a machine is set up to look like a legitimate server and then issue connections and other types of network activities to legitimize end systems, other servers, or large data repository systems. This option must be set ON for all types of servers.