From owner-freebsd-security  Fri Apr 12  8: 5:22 2002
Delivered-To: freebsd-security@freebsd.org
Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201])
	by hub.freebsd.org (Postfix) with ESMTP id BAAB737B405
	for <security@freebsd.org>; Fri, 12 Apr 2002 08:05:16 -0700 (PDT)
Received: from sheldonh (helo=axl.seasidesoftware.co.za)
	by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1)
	id 16w2ee-000MfN-00; Fri, 12 Apr 2002 17:08:00 +0200
From: Sheldon Hearn <sheldonh@starjuice.net>
To: Andy Farkas <andyf@speednet.com.au>
Cc: peter.lai@uconn.edu,
	"Kevin Kinsey, DaleCo, S.P." <kdk@daleco.biz>, security@FreeBSD.ORG
Subject: Re: hosts.allow and RFC931 - was: sshd warning---a lil' help? 
In-reply-to: Your message of "Fri, 12 Apr 2002 21:07:10 +1000."
             <Pine.BSF.4.33.0204122053380.56356-100000@backup.af.speednet.com.au> 
Date: Fri, 12 Apr 2002 17:08:00 +0200
Message-ID: <87132.1018624080@axl.seasidesoftware.co.za>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org



On Fri, 12 Apr 2002 21:07:10 +1000, Andy Farkas wrote:

> Question: the above rule in the default /etc/hosts.allow file is *above*
> the rules regarding sshd - does this mean that sshd is not protected
> against forged source IP adresses?

Given the high psuedo-random quality of modern FreeBSD's TCP ISN
generation, do you think it's worth worrying about people spoofing SSH
connections?

Ciao,
Sheldon.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message