I'm definitely not a firewall expert, but isn't it also possible to get around IPchains using IP spoofing? From what I know ipchains is only protected against spoofing by using source address verification. Or am I way off? Luke > luke@xxxxxxxxxxxxx wrote: > >>One very effective way that I have found to do this is to use the 'hosts.allow' file located at /etc/hosts.allow > hosts.allow is NOT secure. You can easily spoof the IP addresses contained within it. You should not use it. > > Regards > > James > > - : send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
