cygwin-1.7, sshd, tcpd, and IPv6/Vista
Wed Dec 31 05:48:00 GMT 2008
On Tue, 30 Dec 2008, Charles Wilson wrote:
> So, the "allow" entries in hosts.allow are really only enabling access
> form the actual "127.0.0.1" aka "::1" machine -- that is, the actual
> local host. They do not REALLY enable access from those bad guys that
> spybot maps to localhost.
> Can anybody think of an alternate explanation (perhaps this is a bug in
> cygwin-1.7's resolver code, or a bug I haven't spotted in tcpd?) Am I
> being too blase' about modifying hosts.allow as
> ALL : 127.0.0.1/32 : allow
> ALL : [::1]/128 : allow
> ALL : PARANOID : deny
> sshd: all
> or, am I right that doing so is perfectly safe even with a munged up
> hosts file -- and if so, should I modify the default hosts.allow shipped
> with tcp_wrappers?
It's perfecty valid. FreeBSD's default /etc/hosts.allow is setup that
way so you're in good company.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
More information about the Cygwin