Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
IPTABLES firewall Rulesets, whats safe? whats not?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: IPTABLES firewall Rulesets, whats safe? whats not?

  1. #1
    Junior Member
    Join Date
    May 2002
    Posts
    89

    IPTABLES firewall Rulesets, whats safe? whats not?

    Hi
    I have this firewall ruleset currently:
    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --flush --delete-chain
    iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQERADE
    iptables --append FORWARD --in-interface eth0 -j ACCEPT
    I was wondering how to add defecnes from things like Netbus and BackOrifice, DoS attacks, and other old-un used/insecure protocols.
    What protocols are old and unused/unused and insecure/insecure in general?
    And how do I log netbus/DoS/BackOrifice attacks?

    Thanks

  2. #2

    Re: IPTABLES firewall Rulesets, whats safe? whats

    Are you running any kind of services that you want available to the outside world?

    If not, do this:

    iptables -A INPUT -p tcp -m state --state established,related -j ACCEPT
    iptables -A INPUT -j DROP

    and you should be pretty much fine. You might want to fine-tune it more than that, but it'll block everything.

  3. #3
    Junior Member
    Join Date
    May 2002
    Posts
    89

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    Umm..
    Yeah I have a whole bunch of stuff that I want accessable from the outside world.
    Im more looking for IP blocking, Port Forwarding, and old, unused, insecure device blocking.
    Thanks

  4. #4

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    Like Fetzza said, I would just block everything incoming and outgoing except that which you explicitly want to use or allow people to access. Start your ruleset with the good old:

    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -P FORWARD DROP

    Then enables needed services from there. Run things like sendmail from the loopback if you only need it locally and start X with -- -nolisten tcp.

  5. #5
    Junior Member
    Join Date
    May 2002
    Posts
    89

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    I really dont see this option feesable for me because we have 3 windows PC's all using different things and constantly being changed. So Blocking unwanted IP's seems much more easier / the lazy mans way.

    Thanks

  6. #6

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    well then, why not just block everything incoming and allow all outgoing traffic from your windose boxes?

  7. #7
    Junior Member
    Join Date
    May 2002
    Posts
    89

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    [quote author=tolstoy link=board=5;threadid=1209;start=0#37030 date=1023448239]
    well then, why not just block everything incoming and allow all outgoing traffic from your windose boxes?
    [/quote]
    Because I usually use my windows box for network stuff. Its the occassional person (from tiwan I think it is) that pings me every hour, I dont trust some interfaces, but probably use most of them, and I actually want to find out how IPTABLES works, what commands there are, and how to make a easy to manange firewall script which I will later release on sourceforge.
    And recently ive started coding in PHP with minimal help, and found I can learn faster than people telling me. WOAH! ( the life of a 15yr old ;D, and mabye school is really a waste of time )
    So, actually, Change of question,
    Where can I find information about:

    Writing BASH scripts, What services use what ports, what IP's represent what countries, All the ins and outs of IPTABLES and mabye a basic tutorial or two.

    Thanks

  8. #8

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    I would check out netfilter .org at http://netfilter.samba.org/

  9. #9

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    check out the scripts here: http://www.sentry.net/~obsid/IPTables/rc.scripts.dir/current/

    These are most excellent and I built my iptables script from these.

  10. #10
    Junior Member
    Join Date
    May 2002
    Posts
    89

    Re:IPTABLES firewall Rulesets, whats safe? whats not?

    Thanks alot.
    Does anyone know the Function lists for bash/sh/bin-bash/whatever the bloomin thing is called?
    thanks

Similar Threads

  1. Whats your OS?
    By in forum General Chat
    Replies: 34
    Last Post: 08-25-2004, 07:03 AM
  2. whats going on??
    By dox in forum General Chat
    Replies: 3
    Last Post: 02-19-2004, 01:00 PM
  3. Whats Your job?
    By 10Dedfish in forum General Chat
    Replies: 51
    Last Post: 10-21-2003, 08:24 AM
  4. Whats your IQ?
    By rick420 in forum General Chat
    Replies: 41
    Last Post: 04-14-2002, 02:52 AM
  5. whats next
    By winston in forum Linux - Software, Applications & Programming
    Replies: 1
    Last Post: 04-12-2002, 01:42 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •