sshd warning, "POSSIBLE BREAK-IN ATTEMPT!" for failed reverse DNS
- by rking
Whenever I SSH somewhere I get something like this in the logs:
    sshd[16734]: reverse mapping checking getaddrinfo for 1.2.3.4.crummyisp.net [1.2.3.4] failed - POSSIBLE BREAK-IN ATTEMPT!
And it is right: if I do host 1.2.3.4 it returns 1.2.3.4.crummyisp.net,
but if I do host 1.2.3.4.crummyisp.net it is not found.
I have two questions:
1. What security threat is there? How could anyone fake a one-way DNS
   in some threatening way?
2. Do I have any recourse for fixing this? I'll send my ISP a bug report, but
   who knows where that'll go.
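
Added example, not part of the original post and not sshd's own code: a sketch of the forward-confirmed reverse DNS check that the log message refers to, with the resolvers injectable so it runs offline. The `sample_*` resolvers and every record other than the 1.2.3.4 / crummyisp.net pair from the question are constructed for illustration.

```python
import ipaddress
import socket

def system_reverse(ip):
    """PTR lookup through the system resolver."""
    return socket.gethostbyaddr(ip)[0]

def system_forward(name):
    """A/AAAA lookup through the system resolver."""
    return {info[4][0] for info in socket.getaddrinfo(name, None)}

def fcrdns_check(ip, reverse=system_reverse, forward=system_forward):
    """Return (status, name). The PTR name is only trusted if it maps back to ip."""
    try:
        name = reverse(ip)  # answer comes from whoever runs the reverse zone
    except OSError:  # socket.herror and socket.gaierror are OSError subclasses
        return ("no-ptr", None)
    try:
        addrs = forward(name)
    except OSError:
        return ("forward-failed", name)  # the situation in the log line above
    want = ipaddress.ip_address(ip)
    for addr in addrs:
        try:
            if ipaddress.ip_address(addr) == want:
                return ("ok", name)
        except ValueError:
            continue  # skip anything that is not a plain IP literal
    return ("mismatch", name)  # name resolves, but to some other address

# Constructed sample records (hypothetical, for offline use).
SAMPLE_PTR = {
    "1.2.3.4": "1.2.3.4.crummyisp.net",   # PTR exists, no forward record
    "192.0.2.10": "host.example.org",     # PTR and A record agree
    "203.0.113.7": "host.example.org",    # PTR names a host it does not own
}
SAMPLE_A = {"host.example.org": {"192.0.2.10"}}

def sample_reverse(ip):
    if ip not in SAMPLE_PTR:
        raise socket.herror("no PTR record")
    return SAMPLE_PTR[ip]

def sample_forward(name):
    if name not in SAMPLE_A:
        raise socket.gaierror("name not found")
    return SAMPLE_A[name]

if __name__ == "__main__":
    for ip in ("1.2.3.4", "192.0.2.10", "203.0.113.7", "198.51.100.1"):
        print(ip, fcrdns_check(ip, sample_reverse, sample_forward))
```

Calling `fcrdns_check(ip)` with no resolvers uses the system resolver instead of the sample records.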