Coyote IP Chains?
From: Thomas Gibson (tegibson@sympatico.ca)
Date: 01/05/03
From: Thomas Gibson <tegibson@sympatico.ca>
Date: Sat, 04 Jan 2003 23:48:55 -0500

Using Sygate's online scanner it seems that Coyote Linux allows external
ssh sessions on port 22. I would like to block this and am using the
following ipchain rules:

# Block all low level system ports
/sbin/ipchains -A input -i eth1 -p tcp -d 0/0 0:1023 -j REJECT
/sbin/ipchains -A input -i eth1 -p tcp -d 0/0 6000:6010 -j REJECT
/sbin/ipchains -A output -i eth1 -p tcp -s 0/0 22 -j DENY
/sbin/ipchains -A input -i eth1 -p tcp -d 0/0 22 -j DENY
/sbin/ipchains -A input -i eth1 -p udp -d 0/0 0:1023 -j REJECT
/sbin/ipchains -A input -i eth1 -p icmp --icmp-type ping -s 0/0 -j REJECT

Sygate still is indicating the port is open which leads me to believe I
don't understand ipchains fully yet. Can anyone provide guidance?