Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 04-12-2012, 04:17 PM   #1
LQ Newbie
Registered: Apr 2012
Posts: 3

Rep: Reputation: Disabled
Question Tcpwrappers in hosts.allow and spoofing IP addresses

We've added some rules to the hosts files to allow only certain ranges of IP addresses from a consulting company to have SSH access to a Linux machine. Another person was worried the someone could just "spoof" one of that company's IP addresses.

I thought "spoofing" your IP address was just masking it through proxy servers - not being able to just make it someone elses.

Is it easy (if known) to change your IP address and "fool" the rules from the hosts files?

- J
Old 04-12-2012, 04:31 PM   #2
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911
Hi, welcome to LQ!

That all depends on the topolgy we're looking at...

Does your machine get its traffic routed/NATed?
Do the other machines all have public IPs?

Old 04-12-2012, 04:57 PM   #3
LQ Newbie
Registered: Apr 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
These connections wouldn't get routed/translated at all.

The other machines I would say probably wouldn't have public IPs (it's an IT company), but I can't say that for sure...

Thanks for the reply!
Old 04-12-2012, 07:21 PM   #4
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.10, Centos 7.5
Posts: 17,565

Rep: Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425Reputation: 2425
Even if they can spoof the incoming IP Addr, so long as the user/passwd info is secure, you're good to go.
Of course you could also insist on ssh auth-keys and/or a SecureId Token or equiv.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot reach hosts own IP addresses Skaperen Linux - Networking 8 10-12-2011 01:03 PM
how to specify port no in TCPwrappers (hosts.allow) Monika32011 Linux - Security 2 09-13-2011 07:02 PM
deny hosts removing an Ip and checking tcpwrappers tkmsr Linux - Software 8 10-25-2010 07:58 AM
discover all hosts in ipv6 subnet and their addresses ineya Linux - Networking 5 12-13-2008 06:21 AM
squid - hosts addresses grzechoo Linux - Networking 1 09-28-2008 12:57 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:03 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration