I put my own network's public addresses in 'allowed-hosts', so as not to lock myself out accidentally. Is this unwise? Am I inviting attacks from machines spoofing my own addresses?
It shouldn't be a problem - spoofing source addresses to create an SSH session is not possible. If you think about it, they can send a crafted TCP packet to your host, but then where will the response go? To your network.
Source address spoofing is really only used in DoS attacks. -- Peter SJF Bance http://www.minstrel.org.uk/
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
