Re: Dos attack
From: Sandro Mangovski (sandro_at_bofhlet.net)
Date: 08/26/04
- Next message: Tim Haynes: "Re: MD5 checksum changed"
- Previous message: P Gentry: "Re: Secure clustering: kerberos issues"
- In reply to: Jose Maria Lopez Hernandez: "Re: Dos attack"
- Next in thread: Jose Maria Lopez Hernandez: "Re: Dos attack"
- Reply: Jose Maria Lopez Hernandez: "Re: Dos attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 Aug 2004 02:53:36 +0200
On Wed, 25 Aug 2004 04:23:22 +0200, Jose Maria Lopez Hernandez wrote:
> This solution it's good if you don't have to accept incoming
> connections, but if you have to then it's a bit harder.
Why is that? You could set default policy to INPUT chain to DROP, and then
match needed ports by setting up rules in the chain. That is the usual
practice. :) Except dport matching you need to let ESTABLISHED and RELATED
connections in and that is it. Regards,
-- Sandro Mangovski ICQ: 92602206 | IRC: <Fish/#linux>@irc.idolnet.org
- Next message: Tim Haynes: "Re: MD5 checksum changed"
- Previous message: P Gentry: "Re: Secure clustering: kerberos issues"
- In reply to: Jose Maria Lopez Hernandez: "Re: Dos attack"
- Next in thread: Jose Maria Lopez Hernandez: "Re: Dos attack"
- Reply: Jose Maria Lopez Hernandez: "Re: Dos attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
