From mboxrd@z Thu Jan 1 00:00:00 1970
From: luke@techfreak.org
Subject: Re: SSH allow only form selected IP'
Date: Sun, 15 Aug 2004 09:59:36 -0500 (CDT)
Sender: linux-admin-owner@vger.kernel.org
Message-ID: <1216.66.189.78.234.1092581976.squirrel@srv01.scriptgods.com>
References: <1066.66.189.78.234.1092484339.squirrel@srv01.scriptgods.com> <411F5E12.6000608@lovedthanlost.net>
Mime-Version: 1.0
Content-Transfer-Encoding: 7BIT
Return-path:
In-Reply-To: <411F5E12.6000608@lovedthanlost.net>
List-Id:
Content-Type: text/plain; charset="us-ascii"
To: linux-admin@vger.kernel.org

I'm definitely not a firewall expert, but isn't it also possible to get
around IPchains using IP spoofing? From what I know ipchains is only
protected against spoofing by using source address verification. Or am I
way off?

Luke

> luke@techfreak.org wrote:
>
>>One very effective way that I have found to do this is to use the 'hosts.allow' file located at /etc/hosts.allow
> hosts.allow is NOT secure. You can easily spoof the IP addresses contained within it. You should not use it.
>
> Regards
>
> James