Re: ipchains help
From: catalyst (catalyst@salon.ru)Date: 09/23/02
- Previous message: Ermelir: "Re: port UDP 4665?"
- In reply to: Nikolai: "ipchains help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: catalyst <catalyst@salon.ru> To: Nikolai <nikolai@pneumaticus.com>, security-basics@securityfocus.com Date: Mon, 23 Sep 2002 12:42:03 +0400
On Fri, 20 Sep 2002, Nikolai wrote:
> I have setup the following rules for my ipchains:
>
> :input ACCEPT
> :forward DENY
> :output ACCEPT
>
> -A input -j DENY -p all -l -s 127.0.0.0/8 -i eth0 -d 0.0.0.0/0
> -A input -i eth0 -s 0/0 -d 0/0 -p tcp -y -j DENY -l
As you may see, the protocol you have DENY is "-p tcp" (at the second line).
You may add fully identical row at the end except proto=ICMP, like this:
-A input -i eth0 -s 0/0 -d 0/0 -p ICMP -j DENY -l or:
-A input -i eth0 -s 0/0 -d 0/0 8 -p ICMP -j DENY -l
Good luck!
>
> I did an online-based scan at scan.sygate.com and everything appears to
> be 'blocked' except ICMP service on port 8.
>
> Can someone please help me with how to close this hole as well?
>
> Some background:
> my kernel is 2.4.18 (with Mandrake 8.2)
> I'm new to Linux/GNU in general and security in particular.
>
> Thanks
> Nikolai
--
- Previous message: Ermelir: "Re: port UDP 4665?"
- In reply to: Nikolai: "ipchains help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
