Date: Fri, 12 Apr 2002 17:08:00 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: Andy Farkas <andyf@speednet.com.au> Cc: peter.lai@uconn.edu, "Kevin Kinsey, DaleCo, S.P." <kdk@daleco.biz>, security@FreeBSD.ORG Subject: Re: hosts.allow and RFC931 - was: sshd warning---a lil' help? Message-ID: <87132.1018624080@axl.seasidesoftware.co.za> In-Reply-To: Your message of "Fri, 12 Apr 2002 21:07:10 %2B1000." <Pine.BSF.4.33.0204122053380.56356-100000@backup.af.speednet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 12 Apr 2002 21:07:10 +1000, Andy Farkas wrote: > Question: the above rule in the default /etc/hosts.allow file is *above* > the rules regarding sshd - does this mean that sshd is not protected > against forged source IP adresses? Given the high psuedo-random quality of modern FreeBSD's TCP ISN generation, do you think it's worth worrying about people spoofing SSH connections? Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87132.1018624080>