Date: Tue, 25 Jun 2002 13:28:08 +1000 (EST) From: <freebsd-lists@albury.net.au> To: Chris Knight <chris@aims.com.au> Cc: <freebsd-security@FreeBSD.ORG>, <keith.stevenson@louisville.edu> Subject: RE: Hogwash Message-ID: <Pine.BSF.4.31.0206251323120.43654-100000@giroc.albury.net.au> In-Reply-To: <005301c21bf5$b8d32ce0$020aa8c0@aims.private>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 25 Jun 2002, Chris Knight wrote: > I don't know what the official response will be, but given the lack > of information regarding the exploit, plus it's effect on a privsep > enabled ssh, it would be mad not to recommend either turning off > sshd, or where that is not possible, use firewalling rules to > restrict ssh access to a limited number of hosts. Does anyone know how hosts.allow rules (and/or tcpwrappers) will affect this vulnerability? If one has sshd: ip.of.trusted.host, ip.of.also-trusted.host in /etc/hosts.allow, is that still "sufficiently" safe to live with in the short term? TIA, RossW To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0206251323120.43654-100000>