On Thu, Sep 23, 2004 at 10:09:22AM +0200, Dag-Erling Smorgrav wrote: > Nick Cleaton <nick@cleaton.net> writes: > > I want access to my system from any IP address, so I've patched my > > sshd so that a secret token is required to connect. [...] > Look up "replay attack" on google... Indeed, this doesn't keep out attackers who can sniff a valid session, just like tcp_wrappers doesn't keep out attackers who can spoof an authorized source address. Nick -- $_='YN8KuE*** http://www.exonetric.com/ Telehouse UK colo ***HARQr**' ..'NfzV0YrC1*** GBP40/month +VAT 40G BW no setup fee ***MnjJ**' ..'6QvtcPgQ20*** ***nlS**' ;s/(.)(.*(.))/$2.chr(32+(ord($1)+ord$3)%89)/euntil/Foo/;eval#****' _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"