iptables anti-nimda anyone?

From: Konrad Michels (konrad@overnetdata.com)
Date: 09/19/01


Message-ID: <3BA8B926.8030104@overnetdata.com>
Date: Wed, 19 Sep 2001 16:26:30 +0100
From: Konrad Michels <konrad@overnetdata.com>
To: focus-linux@securityfocus.com
Subject: iptables anti-nimda anyone?

Hi everyone
I don't suppose one of our iptables gurus out there has an iptables rule
to filter out this damn nimda thing? I'm really annoyed about it
filling up my apache logz and would love to drop the packets 'ere they
get to the apache server . . .

Later
Konrad

-- 
************************************************************
* Linux isn't unfriendly - its just picky about who its
* friends are!
*
************************************************************
* Konrad Michels (RHCE)
* Systems Manager
* OverNet Data (UK) LTD
************************************************************



Relevant Pages

  • Re: iptables anti-nimda anyone?
    ... Subject: iptables anti-nimda anyone? ... > I don't suppose one of our iptables gurus out there has an iptables rule ... > to filter out this damn nimda thing? ...
    (Focus-Linux)
  • Re: iptables udp and output
    ... Didn't your distro include iptables? ... to compile from source? ... the implied "-t filter". ... where you had to specify what you wanted to block. ...
    (comp.os.linux.security)
  • Re: Better iptables firewall
    ... Personally, lesser is your configuration, better is your security. ... iptables -t filter -F ...
    (Debian-User)
  • Re: OT iptables question
    ... > I'm updating a RH ipchains packet filter script from the dim past to ... > I noticed that when I specified the network the host is on, ... > the rule, and iptables seems to take it, and the chain seems to work. ... > filter on the DMZ, and I'd like to do it as rigorously as I can. ...
    (Debian-User)
  • Re: Firewall with Iptables
    ... accept packets in the ESTABLISHED and RELATED states too, ... rule at the beginning of the chain accepting packets in the ESTABLISHED ... iptables -t filter -P FORWARD DROP ...
    (comp.os.linux.networking)