Re: Clever Firewall Rules - Second Edition - Update
From: pierre.lombard@imag.fr
Date: 09/21/01
- Previous message: Tim Haynes: "Re: iptables anti-nimda anyone?"
- In reply to: Rob 'Feztaa' Park: "Clever Firewall Rules - Second Edition - Update"
Date: Fri, 21 Sep 2001 17:30:26 +0200
To: focus-linux@securityfocus.com
Subject: Re: Clever Firewall Rules - Second Edition - Update
Message-ID: <20010921173025.B18731@sci41.imag.fr>
From: pierre.lombard@imag.fr
On Tue, Sep 18, 2001 at 04:03:15PM -0600, Rob 'Feztaa' Park wrote:
> Just a quick update, I don't want to send out the whole thing again.
>
> I've managed to get my SYN limiting rules to filter the closed ports,
> eliminating the problem of ports randomly flickering between closed and
> filtered during a SYN scan:
>
> iptables -A INPUT -i eth0 -p tcp --syn -m limit --limit 10/m \
> --limit-burst 10 -j syn_limit
> iptables -A INPUT -i eth0 -p tcp --syn -j DROP
> iptables -A syn_limit -p tcp --dport 80 -j ACCEPT
> [Rules for opening any other ports you need]
> iptables -A syn_limit -p tcp -j DROP
>
> If I can, I'm going to make the limiting host-specific.
[...]
Maybe you can give dynfw (http://freshmeat.net/projects/dynfw/) a try: it
seems to do that.
(I haven't tested it yet, but it's queued on my first-in-random-out list :)
-- 
Best regards,
Pierre Lombard
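The quoted ruleset as a worked model, added here as an example and not taken from the original post or from dynfw: it mimics the token bucket behind `-m limit --limit 10/m --limit-burst 10` and the INPUT -> syn_limit traversal, so a practitioner can check offline why closed ports now look consistently filtered and what a single global bucket costs a legitimate client. The scan timings, addresses and the per-source variant (the host-specific limiting Rob mentions wanting next) are constructed assumptions.

```python
"""Model of the SYN-limiting ruleset quoted above. It mimics the token bucket
behind `-m limit --limit 10/m --limit-burst 10` and the INPUT -> syn_limit
traversal so the effect on a port scan can be checked offline. Scan data
below is constructed; this is not code from the original post."""
from collections import defaultdict

OPEN_PORTS = {80}                     # the ACCEPT rules inside syn_limit
RATE_PER_MIN, BURST = 10, 10          # --limit 10/m --limit-burst 10

class TokenBucket:
    """-m limit: BURST tokens, refilled at RATE_PER_MIN; a SYN costs one."""
    def __init__(self, rate_per_min=RATE_PER_MIN, burst=BURST):
        self.refill = rate_per_min / 60.0            # tokens per second
        self.burst, self.tokens, self.last = burst, float(burst), 0.0

    def allow(self, now):
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.refill)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

def syn_verdict(bucket, now, dport):
    """Every SYN meets the limit match first; those within the limit enter
    syn_limit (ACCEPT listed ports, DROP the rest); the excess hits the
    `--syn -j DROP` rule. Closed ports never reach the stack, so no RST."""
    if bucket.allow(now):
        return ("ACCEPT" if dport in OPEN_PORTS else "DROP", "syn_limit")
    return ("DROP", "INPUT")

def run_scan(syns, per_source=False):
    """syns: (time_s, src_ip, dport). per_source=True keeps one bucket per
    source address (assumed host-specific variant, as iptables' hashlimit
    match provides); False is the single global bucket of the quoted rules."""
    buckets = defaultdict(TokenBucket)
    return [(src, dport) + syn_verdict(buckets[src if per_source else "*"], t, dport)
            for t, src, dport in sorted(syns)]

# Constructed sample: a scanner sweeps closed ports 1-20 in 2 s, then a
# legitimate client tries port 80 three seconds later.
SCAN = [(0.1 * i, "10.0.0.9", 1 + i) for i in range(20)] + [(5.0, "10.0.0.20", 80)]

def summary(per_source=False):
    v = run_scan(SCAN, per_source)
    scanner = [x for x in v if x[0] == "10.0.0.9"]
    return {"scanner_past_limit": sum(1 for x in scanner if x[3] == "syn_limit"),
            "scanner_rst_sent": sum(1 for x in scanner if x[2] == "ACCEPT"),
            "client_port80": next(x[2] for x in v if x[0] == "10.0.0.20")}
```

With the global bucket the scanner's first 10 SYNs pass the limit and still get DROP from syn_limit, the rest are dropped by the rate rule, and the client's later SYN to port 80 is dropped too because the scanner emptied the shared bucket; per-source buckets keep the scan filtered while the client gets through.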