I just applied these two patches:
CCE Security Update 4.0.1: Qube3-All-Security-4.0.1-15714.pkg
Qube3 Kernel Update: Qube3-All-Kernel-4.0.1-2.2.16C33-III+VPN-1.pkg
and now /var/log/messages only shows my connection from my own fully
qualified address:
Feb 10 08:19:46 cobalt sshd[3942]: Accepted password for tdunn from <ipaddress> port
47404 ssh2
Never mind the fact that I am connecting in from afar. This is of some
concern because I use hosts.allow as one of my methods of access control.
Prior to updating, it would correctly act based on my source host. Now,
*all* inbound hosts are treated as if they are from my own fqdn, effectively
neutralizing the effect of hosts.allow if I allow myself to connect.
How do I best resolve this issue?
tim
--
"There are 11 types of people in this world: people who can
understand binary, those who can't, and ones who don't care."
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
