Re: How to block traffic in and out to all ports....
From: Don Peasley (user_at_domain.invalid)
Date: 10/01/03
- Next message: Stephen: "Re: DVD writing problems on RH9.0"
- Previous message: Stephen: "Re: DVD writing problems on RH9.0"
- Maybe in reply to: Jean-David Beyer: "Re: How to block traffic in and out to all ports...."
- Next in thread: Larry James: "Re: How to block traffic in and out to all ports...."
- Reply: Larry James: "Re: How to block traffic in and out to all ports...."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 01 Oct 2003 03:05:23 GMT
Larry James wrote:
> .
> Can someone tell me of a quick and easy way to block traffic to
> all ports. I would like to block all ports, then one by one open the
> ones that I find that are needed to run my network, like pop3, smtp,
> ssh, etc.
>
> Thanks in advance for any input.
>
> -- L. James
>
> ------------
> L. D. James
> ljames@apollo3.com
> www.apollo3.com/~ljames
Use iptables if you are running the 2.4 kernel. Many tutorials are
available on the net. http://iptables-tutorial.frozentux.net is a good
start. My configuration would not help much as it is for a gateway.
Determine what incoming ports you need before setting the policy to
DROP. DNS requires 53/UDP and SSH is 22/TCP. Unless you are running a
mail server, you do not need pop3 or imap open.
<RANT (for Peter)>
I am a network administrator by trade. I advise filtering using routers
and dedicated firewalls in multiple layers for any large network. For
my home network, I use iptables on my gateway machine.
Although I keep all unnecessary services turned off, you never know what
the next vulnerability will be. In addition, my Winxx machines are also
protected by the firewall on the gateway, ZoneAlarm personal firewall on
the Win boxes, and an antivirus on each.
By checking my firewall logs, I was able to identify a company that was
infected with a Blaster variant. The company had installed a brand new
system, loaded WinXP Pro from disks, connected it to the Internet, and
immediately started applying the M$ patches. In the half hour it took
to download and install the patches, they had become infected. If they
had been behind a firewall, the infection would not have happened.
</RANT>
Good Luck.
--don--
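The ruleset Don describes (policy DROP, then open only the ports you have determined you need) and the log review he mentions, written out as an added example. This is not Don's gateway configuration or anything from the original thread; the port lists, the "IPT-DROP: " log prefix, the script's subcommand names and the sample log lines are this example's own choices. Two caveats a practitioner would want: with the state match on a 2.4 kernel, replies to queries the host sent out (DNS included) are matched as ESTABLISHED, so 53/UDP only needs to be opened inbound if the box is itself a DNS server; and the policy is flipped to DROP last, after the ACCEPT rules exist, so an SSH session used to apply the rules is never left without a matching rule.

```shell
#!/bin/sh
# Added example (not from the original post): a default-DROP iptables ruleset
# of the kind the reply describes, plus a scan of the LOG lines it produces.
# Assumptions: a host with iptables and the state/limit/LOG matches available;
# port lists, log prefix and sample log lines below are this example's own.

IPT="${IPT:-iptables}"

# Emit the rule commands for the given TCP and UDP port lists (space-separated)
# without running them, so the set can be reviewed before it is applied.
build_rules() {
    tcp_ports=$1
    udp_ports=$2
    echo "$IPT -F INPUT"
    echo "$IPT -P INPUT ACCEPT"          # stay open while the chain is rebuilt
    echo "$IPT -A INPUT -i lo -j ACCEPT"
    # Replies to connections this host initiated (tracked UDP such as DNS
    # queries included) come back through this rule; no inbound port is opened.
    echo "$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for p in $tcp_ports; do
        echo "$IPT -A INPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    for p in $udp_ports; do
        echo "$IPT -A INPUT -p udp --dport $p -j ACCEPT"
    done
    # Log what is about to be dropped, rate-limited so a worm cannot flood syslog.
    echo "$IPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix 'IPT-DROP: ' --log-level 4"
    # Flip the policy last, so an open SSH session always has an ACCEPT rule.
    echo "$IPT -P INPUT DROP"
    echo "$IPT -P FORWARD DROP"
}

# Run the ruleset (needs root). Check the result with: iptables -L INPUT -n -v
apply_rules() {
    build_rules "$1" "$2" | sh -e
}

# Count, per source address, the logged packets aimed at one destination port.
# Reads iptables LOG lines (kernel syslog format) on stdin, prints "count src".
blocked_sources_for_port() {
    port=$1
    awk -v want="DPT=$port" '
        $0 ~ /IPT-DROP:/ {
            src = ""; hit = 0
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                if ($i == want) hit = 1
            }
            if (hit && src != "") n[src]++
        }
        END { for (s in n) print n[s], s }
    ' | sort -rn
}

# Constructed sample log lines (RFC 5737 addresses) in the format iptables LOG writes.
SAMPLE_LOG='Oct  1 03:01:10 gw kernel: IPT-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=4661 DF PROTO=TCP SPT=1211 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Oct  1 03:01:11 gw kernel: IPT-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=4662 DF PROTO=TCP SPT=1212 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Oct  1 03:01:15 gw kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=9001 DF PROTO=TCP SPT=3344 DPT=135 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  1 03:01:20 gw kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=9002 DF PROTO=TCP SPT=3345 DPT=445 WINDOW=5840 RES=0x00 SYN URGP=0'

# Busiest source hitting the port Blaster used (135/TCP) in the sample log.
top_blaster_source() {
    printf '%s\n' "$SAMPLE_LOG" | blocked_sources_for_port 135 | head -n 1
}

case "${1:-}" in
    show)  build_rules "${2:-22}" "${3:-}" ;;
    apply) apply_rules "${2:-22}" "${3:-}" ;;
    scan)  blocked_sources_for_port "${2:-135}" ;;   # grep IPT-DROP /var/log/messages | ./fw.sh scan 135
esac
```

Usage: `./fw.sh show "22 25 110" 53` prints the rules for a box running SSH, SMTP, POP3 and a DNS server; `./fw.sh apply "22"` is all a plain client needs. The scan subcommand over a real syslog is how a pattern like the one in the rant shows up: many SYNs to 135/TCP from one address.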