LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-12-2012, 04:17 PM   #1
BraveStarr
LQ Newbie
 
Registered: Apr 2012
Posts: 3

Rep: Reputation: Disabled
Question Tcpwrappers in hosts.allow and spoofing IP addresses


We've added some rules to the hosts files to allow only certain ranges of IP addresses from a consulting company to have SSH access to a Linux machine. Another person was worried the someone could just "spoof" one of that company's IP addresses.

I thought "spoofing" your IP address was just masking it through proxy servers - not being able to just make it someone elses.

Is it easy (if known) to change your IP address and "fool" the rules from the hosts files?

Thanks,
- J
 
Old 04-12-2012, 04:31 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Hi, welcome to LQ!

That all depends on the topolgy we're looking at...

Does your machine get its traffic routed/NATed?
Do the other machines all have public IPs?


Cheers,
Tink
 
Old 04-12-2012, 04:57 PM   #3
BraveStarr
LQ Newbie
 
Registered: Apr 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
These connections wouldn't get routed/translated at all.

The other machines I would say probably wouldn't have public IPs (it's an IT company), but I can't say that for sure...

Thanks for the reply!
 
Old 04-12-2012, 07:21 PM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,411

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
Even if they can spoof the incoming IP Addr, so long as the user/passwd info is secure, you're good to go.
Of course you could also insist on ssh auth-keys and/or a SecureId Token or equiv.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot reach hosts own IP addresses Skaperen Linux - Networking 8 10-12-2011 01:03 PM
how to specify port no in TCPwrappers (hosts.allow) Monika32011 Linux - Security 2 09-13-2011 07:02 PM
deny hosts removing an Ip and checking tcpwrappers tkmsr Linux - Software 8 10-25-2010 07:58 AM
discover all hosts in ipv6 subnet and their addresses ineya Linux - Networking 5 12-13-2008 06:21 AM
squid - hosts addresses grzechoo Linux - Networking 1 09-28-2008 12:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:49 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration