Date: Mon, 24 Jun 2002 21:41:53 -0600 From: "Dalin S. Owen" <dowen@nexusxi.com> To: freebsd-lists@albury.net.au Cc: freebsd-security@freebsd.org Subject: Re: Hogwash Message-ID: <20020624214153.B7100@nexusxi.com> In-Reply-To: <Pine.BSF.4.31.0206251323120.43654-100000@giroc.albury.net.au>; from freebsd-lists@albury.net.au on Tue, Jun 25, 2002 at 01:28:08PM %2B1000 References: <005301c21bf5$b8d32ce0$020aa8c0@aims.private> <Pine.BSF.4.31.0206251323120.43654-100000@giroc.albury.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--61jdw2sOBCFtR2d/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Trusting TCP wrappers is like trusting inetd with heavy load. :) On Tue, Jun 25, 2002 at 01:28:08PM +1000, freebsd-lists@albury.net.au wrote: >=20 > On Tue, 25 Jun 2002, Chris Knight wrote: >=20 > > I don't know what the official response will be, but given the lack > > of information regarding the exploit, plus it's effect on a privsep > > enabled ssh, it would be mad not to recommend either turning off > > sshd, or where that is not possible, use firewalling rules to > > restrict ssh access to a limited number of hosts. >=20 > Does anyone know how hosts.allow rules (and/or tcpwrappers) will affect > this vulnerability? >=20 > If one has > sshd: ip.of.trusted.host, ip.of.also-trusted.host > in /etc/hosts.allow, is that still "sufficiently" safe to live with in > the short term? >=20 > TIA, > RossW >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --=20 Regards, Dalin S. Owen Nexus XI Corp. Email: dowen@nexusxi.com Web: http://www.nexusxi.com/ --61jdw2sOBCFtR2d/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj0X5oAACgkQKZhyFXMVXuJJHgCfenI9SHTNv993UfN56HTdh9fP UqIAoNGhsLKGC3zzHrnc0shwgy8H00GK =aZF3 -----END PGP SIGNATURE----- --61jdw2sOBCFtR2d/-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020624214153.B7100>