Re: [Denyhosts-user] spoofing and the allowed-hosts file

[Floris van den Berg]

Marshall Dudley schreef: Floris van den Berg wrote:   Peter Horst schreef:     I put my own network's public addresses in 'allowed-hosts', so as not to lock myself out accidentally.  Is this unwise?  Am I inviting attacks from machines spoofing my own addresses?       I do this too. Personally i think it's a wise thing to do. A spoofer can never know which ip-adress you allow. Actually they can if they have any emails from you. For instance you are on 66.35.250.225 ip.   Yeah, you're right. Actually I meant they can't know the ip-address just by looking at the server without using any other information. But even if someone does come accross that ip: who can tell that's the ip i put in my hosts.allow? Maybe i sent that mail from my grandmother's house. And even when that's the ip that's allowed, other safety measures will prevent people from gaining access. Such as - Don't allow direct root access - Use safe passwords - Monitor logs I wouldn't worry about not blocking a particular ip address. Floris

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Denyhosts-user mailing list
Denyhosts-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/denyhosts-user