Saturday, January 2, 2010

IP Tables

https://help.ubuntu.com/community/IptablesHowTo

iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -j DROP

The -I INPUT 1 puts the loopback rule at the top of the chain; the final -A INPUT -j DROP then drops everything the earlier rules did not accept. Caveat: with a catch-all DROP like this, replies to the host's own outbound connections (DNS answers, apt, outbound mail) are dropped too unless an ESTABLISHED,RELATED conntrack rule is placed before it.

iptables -N port-scan
This creates an empty user-defined chain, the first step of a rule set meant to block furtive port scanning. A furtive (stealth) port scan probes for closed ports, which answer with a RST, in order to deduce which ports are open. Two more lines fill in the chain:

iptables -A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
iptables -A port-scan -j DROP

The first rule matches TCP packets that have RST set and SYN, ACK and FIN clear, and lets at most one per second RETURN to the calling chain; anything else that reaches port-scan is dropped. A user-defined chain is never consulted on its own: it only takes effect once a rule in INPUT jumps to it (-j port-scan), which the three lines above do not yet do.
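The rules above are scattered one-liners, and the port-scan chain is created but never jumped to. As an added example (not code from the Ubuntu howto or from this post), here is one way to put the pieces together: a shell function that emits a complete, stateful rule set in iptables-restore format, with a DROP policy on INPUT, the conntrack rule that keeps that policy from killing replies to the host's own connections, and the port-scan chain wired in for TCP packets that are NEW but not SYN (the signature of FIN/NULL/XMAS scans). The port list (80, 25, 587, 465) is the one this post opens; the conntrack rules, the --syn requirement, the LOG rule and the function names are my additions. The script only prints rules, so it runs unprivileged.

```shell
#!/bin/sh
# Added example: build a complete stateful rule set in iptables-restore format.
# Not code from the Ubuntu howto or from the post; the port list below is the
# one the post opens, everything else (conntrack rules, --syn, LOG) is my choice.
# The function only prints rules, so it runs unprivileged; review the text, then
# apply with:  gen_rules | sudo iptables-restore

INBOUND_TCP_PORTS="80 25 587 465"   # http, smtp, submission, smtps (from the post)

gen_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:port-scan - [0:0]
# loopback first, then replies to this host's own connections; without the
# conntrack rule the DROP policy above would break DNS, apt, outbound mail...
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# a NEW TCP packet that is not a SYN is the signature of a FIN/NULL/XMAS scan
-A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j port-scan
# rate-limited ping
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
EOF
    # one ACCEPT per exposed service; --syn so only real connection opens match
    for p in $INBOUND_TCP_PORTS; do
        printf '%s\n' "-A INPUT -p tcp --syn --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    cat <<'EOF'
# the howto's port-scan chain: a trickle of stray RSTs is normal traffic and
# may RETURN (it then falls through to the DROP policy, but is not logged);
# anything else that got here is logged at a safe rate and dropped
-A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
-A port-scan -m limit --limit 5/min -j LOG --log-prefix "port-scan: "
-A port-scan -j DROP
COMMIT
EOF
}

# Line number of the first rule containing the fixed string $1 (read from
# stdin); used to assert that the conntrack rule precedes the port-scan jump.
rule_index() {
    grep -n -F -- "$1" | head -n 1 | cut -d: -f1
}

# Sanity checks a practitioner would run before loading the rules:
# conntrack ACCEPT must come before the port-scan jump, and the table must
# end with COMMIT or iptables-restore loads nothing.
check_rules() {
    rules=$(gen_rules)
    est=$(printf '%s\n' "$rules" | rule_index 'ESTABLISHED,RELATED')
    scan=$(printf '%s\n' "$rules" | rule_index '-j port-scan')
    [ -n "$est" ] && [ -n "$scan" ] && [ "$est" -lt "$scan" ] || return 1
    printf '%s\n' "$rules" | tail -n 1 | grep -q '^COMMIT$' || return 1
    return 0
}

check_rules && gen_rules
```

Loading through iptables-restore rather than a series of iptables calls means the rule set is applied atomically, so there is no window in which INPUT already has policy DROP but the conntrack rule is not in place yet.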


Listing of the resulting filter table (iptables -L). Every chain still has policy ACCEPT and no rule drops or rejects anything, so the ACCEPT rules shown here change nothing. The first INPUT rule is the loopback rule; plain -L hides the interface it is bound to, so use iptables -L -v -n to see it (and -n to skip the name lookups that turn 80 into www):

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:submission
ACCEPT tcp -- anywhere anywhere tcp dpt:ssmtp

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpt:submission
ACCEPT tcp -- anywhere anywhere tcp dpt:ssmtp
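A chain whose policy is ACCEPT and whose rules are all ACCEPT blocks nothing, and that is easy to miss in a long listing. As an added example, not part of this post, here is a small audit script that parses iptables -L output and names such chains. The two listings embedded in it are constructed samples (the first copied from the listing above, the second with a catch-all DROP added to INPUT), and the function names are my own.

```shell
#!/bin/sh
# Added example (not from the post or the Ubuntu howto): audit an `iptables -L`
# listing for chains whose policy is ACCEPT and which contain no DROP/REJECT
# rule, i.e. chains where every ACCEPT rule is a no-op and all traffic passes.
# Caveat: it looks only at a chain's own rules, so a chain that blocks via a
# jump to a user-defined chain is still reported; check those by hand.

# Reads a listing on stdin, prints the names of the effectively open chains.
audit_open_chains() {
    awk '
        function flush() { if (chain != "" && policy == "ACCEPT" && !blocks) print chain }
        /^Chain / {
            flush()
            chain = $2; blocks = 0
            # "Chain INPUT (policy ACCEPT)" -> $3="(policy" $4="ACCEPT)";
            # user chains read "Chain X (N references)" and have no policy
            policy = ($3 == "(policy") ? substr($4, 1, length($4) - 1) : "-"
            next
        }
        /^target / { next }                       # column header line
        NF > 0 && ($1 == "DROP" || $1 == "REJECT") { blocks = 1 }
        END { flush() }
    '
}

# Constructed sample: the listing from this post, where every chain is open.
OPEN_LISTING=$(cat <<'EOF'
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:www

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
EOF
)

# Constructed sample: INPUT ends in a catch-all DROP and FORWARD has a DROP
# policy, so only OUTPUT is still wide open.
CLOSED_INPUT_LISTING=$(cat <<'EOF'
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:www
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
EOF
)

# Space-separated list of the open chains in a listing (empty = all good).
open_chains_of() {
    out=""
    for c in $(printf '%s\n' "$1" | audit_open_chains); do
        out="${out:+$out }$c"
    done
    printf '%s\n' "$out"
}

open_chains_of "$OPEN_LISTING"           # prints: INPUT FORWARD OUTPUT
open_chains_of "$CLOSED_INPUT_LISTING"   # prints: OUTPUT
```

On a live box run sudo iptables -L -n | audit_open_chains; anything it prints is a chain where the ACCEPT rules are decorative until a DROP/REJECT rule or a DROP policy is added.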

=====================================================================================

Shell history of the session that produced the listing above (history numbers stripped, notes added after #). The policies are left at ACCEPT and there is no final DROP, so apart from the ICMP and ssh rules at the end nothing here actually blocks anything.

sudo iptables -L
sudo iptables -F
sudo iptables -I INPUT 1 -i lo -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 25 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 587 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 465 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT     # DNS is mostly UDP; a -p udp --dport 53 rule is needed too if OUTPUT ever gets a DROP policy
sudo iptables -A OUTPUT -p tcp --dport 25 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 587 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 465 -j ACCEPT
sudo iptables -l                                        # typo: -l is not an option and iptables exits with an error; -L lists the rules
sudo iptables -L
sudo iptables -A OUTPUT -p tcp --dport ssh -j REJECT    # blocks ssh clients on this host, not incoming sessions
sudo iptables -A OUTPUT -p tcp --dport icmp -j REJECT   # invalid: icmp is a protocol, not a port, so iptables refuses this command; the next line is the working form
sudo iptables -A OUTPUT -p icmp --icmp-type 8 -j DROP   # no outbound echo-request (ping from this host)
sudo iptables -A INPUT -p icmp --icmp-type 8 -j DROP    # no inbound echo-request (this host stops answering ping)
sudo iptables -L
history
sudo iptables -A INPUT -p tcp --dport ssh -j REJECT
sudo iptables -A INPUT -p tcp --dport ssh -j DROP       # never reached: the REJECT rule appended just above already matches every packet to port 22
