Any suggestions ?

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050


    hello people

    Any suggestions on adding to my iptables script? My current script is quite crappy, but it closes ports. I will post my current script and you can make suggestions to add to it if you feel like it.

    #!/bin/bash
    # Reject inbound TCP connections to a handful of listening ports
    # (111 portmapper, 515 LPD, 6000 X11, 32768/32769 in the RPC dynamic range).
    # REJECT answers the sender with an error; DROP would give no reply at all.
    # "iptables" is resolved through PATH; the original "./iptables" only works
    # when the script is run from the directory that contains the binary.
    iptables -A INPUT -p tcp --dport 111 -j REJECT
    iptables -A INPUT -p tcp --dport 515 -j REJECT
    iptables -A INPUT -p tcp --dport 6000 -j REJECT
    iptables -A INPUT -p tcp --dport 32768 -j REJECT
    iptables -A INPUT -p tcp --dport 32769 -j REJECT

    All I'm doing is closing open ports, so any suggestions on stuff to add to this?
    By the sacred **** of the sacred psychedelic tibetan yeti ....We'll smoke the chinese out
    The 20th century pharoes have the slaves demanding work
    http://muaythaiscotland.com/

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    317
    Hey there. str34m3r wrote a pretty good tut on this one. Check it out here
    This one is a little more comprehensive than what you were creating, but it's effective.

    Hope this helps, and regards.
    "I believe that you can reach the point where there is no longer any difference between developing the habit of pretending to believe and developing the habit of believing."


  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    Hey chefer, thanks for the link, but I was looking for people to post what they would add to it
    if they were securing their own box.

  4. #4
    Senior Member
    Join Date
    Jul 2002
    Posts
    167
    prodikal,
    I personally have a hardware firewall and don't use IPtables that much. However my friend gave me a link that might help you out.

    http://www.linux-firewall-tools.com/linux/

    I've checked it out a little bit (I have a hectic school schedule right now) and it looks to have some great information.

    Hope it helps.
    Nathan

  5. #5
    Senior Member
    Join Date
    Feb 2002
    Posts
    130
    I know what I would do to it, but I am one of those people who has to look up the commands as I do it. First I would deny access to all ports, then allow access only to the ones I needed (as opposed to just blocking the ones that are open). Doing it this way stops you missing things if you add a program that opens another port. Other than that I would use 'DROP' rather than deny; I don't like people knowing I am here, lol.

  6. #6
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    UKnetsec, that is the kind of reply I was looking for. Thanks man.

    How would you add the DROP rule to that script?

  7. #7
    Senior Member
    Join Date
    Feb 2002
    Posts
    130
    As far as I know you would just replace the word 'DENY' with 'DROP' for all the ports you don't want to reply at all, which for me is all of them. Try it, and go to a site like Sygate (www.sygate.com) and do a UDP scan of yourself; that way you can easily see if your computer is replying. If it doesn't work, just change it back; you haven't lost anything.

  8. #8
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    Thanks again UKnetsec. I have been messing around with different scripts, but I'm not getting any better results, unless you call hardening your box so that no input or output goes in or out progress.

    Anyone else have any suggestions that I could put in that script? Maybe some examples from people using iptables could help a bit.

  9. #9
    Senior Member
    Join Date
    Feb 2002
    Posts
    130
    OK, this page (http://morizot.net/firewall/gen/) has a web-based firewall script generator; it is very basic, really just meant for home machines by the look of it. If you tick the box at the bottom to allow incoming services, after you click the 'Generate Firewall' button it will give you a choice of incoming services to allow. That way you can look at the script and see how it works. Other than that you could be a bit lazy like me and get a program like Firestarter (www.firestarter.sourceforge.net) or Guarddog (www.simonzone.com/software/guarddog). Both of those will probably generate better scripts than that webpage to be honest, but I like to give all the options I can think of.

  10. #10
    Senior Member
    Join Date
    Oct 2002
    Posts
    181
    I would look at it from the other way. Don't look at what you need to close; look at what needs to be open. So close everything and then only open the ones you need, e.g. 23 SMTP, 80 HTTP etc. etc.

    Hope this gives another view on the subject

    SittingDuck
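The default-deny approach UKnetsec and SittingDuck describe (close everything, open only what you need, and DROP rather than answer), written out as a script. This is an added example and not code posted in the thread; it assumes the iptables binary is at /sbin/iptables and that the list of allowed TCP ports (22 and 80 in the usage line) is only illustrative. DROP replaces the REJECT target of the original script, so refused ports send no reply at all.

```shell
#!/bin/bash
# Added example (not from the thread): default-deny INPUT policy with iptables.
# Assumption: iptables lives at /sbin/iptables (override with IPT=...).
IPT=${IPT:-/sbin/iptables}

# Print the rules for the given allowed TCP ports (one per argument) without
# executing them, so the policy can be reviewed before it touches the box.
build_rules() {
    local port
    # Start from a clean INPUT chain.
    echo "-F INPUT"
    # Default policy: DROP silently instead of REJECTing, so nothing is answered.
    echo "-P INPUT DROP"
    # Loopback traffic must always be allowed or local services break.
    echo "-A INPUT -i lo -j ACCEPT"
    # Let replies to connections this host opened come back in.
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Open only the services explicitly listed; everything else hits the DROP policy.
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -m state --state NEW -j ACCEPT"
    done
}

# Apply the rules produced by build_rules (needs root).
apply_rules() {
    build_rules "$@" | while read -r line; do
        # Word splitting of $line into separate arguments is intentional here.
        # shellcheck disable=SC2086
        "$IPT" $line
    done
}

# Usage: "./firewall.sh 22 80" prints the rules; "./firewall.sh --apply 22 80" loads them.
if [ "$1" = "--apply" ]; then
    shift
    apply_rules "$@"
else
    build_rules "$@"
fi
```

A UDP/TCP scan from a second machine after applying the rules should show the listed ports as open and every other port as filtered (no reply), which is the behaviour post #7 suggests checking for.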
