Date: Mon, 1 Apr 2002 00:32:40 -0800 (PST) From: Jason Stone <jason@shalott.net> To: <security@FreeBSD.ORG> Subject: Re: SSH or Telnet? Message-ID: <20020401003026.D2704-100000@walter> In-Reply-To: <004101c1d800$a4a71ee0$6401a8c0@router.unknown.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > I would also recomend that you restrict access to ssh using > /etc/hosts.allow if you would like some added security to just who all > can ssh to your box. ipfw (or whatever) rules are preferable to /etc/hosts.allow rules, because if there's a buffer overrun, it can probablly be exploited before /etc/hosts.allow is even opened, whereas ipfw rules prevent the exploitative packets from ever reaching the sshd. -Jason ----------------------------------------------------------------------- I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQE8qBszswXMWWtptckRArhtAJ0Z3g8P7iwCdd/0yOoZncXzR8evNQCg9Fmc ZtOdVrJWMFRAPFBh140o0xY= =09oC -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020401003026.D2704-100000>