[KLUG Members] IPChains problem

Rusty Yonkers members@kalamazoolinux.org
Sat, 8 Jun 2002 19:50:20 -0700 (PDT)


> What I want to do....
>   I want to stop anything BUT http (80) ssh (22), DNS (53) ftp
> (20/21), and ICMP messages (the consequences of blocking those
> are fairly clear and nasty) for getting IN or OUT of this box.
> 

A couple of other things.... first, I would always block ICMP.  If
your machine does not show up on a ping sweep, that is the first step
in keeping people out (kinda like a Klingon cloaking device). 
Second, I would not open up inbound ftp, only outbound.  And never
use ftp for anything that you need to give a username and password
for.  It is all in clear text and that is bad.  If you want proof, just
run Ethereal sometime, do a trace on the conversation and see the
password magically show up!!!!  Third, only do DNS on the UDP port.
The TCP port in DNS is for zone transfers, and unless you are running
a DNS server with zones you NEVER want to do a zone transfer!!!



=====
Truth is truth ... no matter what I think...
-----------------------------------------
Department of Redundancy Department
-----------------------------------------
Devoted RedHat fan...

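An added example, not from the thread or either poster: an ipchains ruleset (the Linux 2.2 host filter the thread is about) for a single box that follows the reply above literally: http and ssh accepted inbound, ftp outbound only, DNS over UDP only and never TCP 53, and all ICMP dropped. The host address, the resolver address and the single-interface layout are assumptions made here (the addresses are from TEST-NET-1, not real hosts); run it without arguments to print the rules, or with --apply as root on a 2.2 kernel to load them.

```shell
#!/bin/sh
# Added example, not from the thread: an ipchains ruleset for a single host
# implementing the advice above (http/ssh in, ftp out only, DNS over UDP
# only, all ICMP dropped). Assumptions, not from the post: the host address
# MYIP and resolver DNS below are constructed (TEST-NET-1) and one interface.
#
#   sh host-fw.sh           prints the rules (dry run, safe on any box)
#   sh host-fw.sh --apply   loads them with ipchains (root, 2.2 kernel)

IPCHAINS="${IPCHAINS:-/sbin/ipchains}"
MYIP="${MYIP:-192.0.2.10}"     # constructed: this box's address
DNS="${DNS:-192.0.2.53}"       # constructed: the resolver we allow queries to

# Each rule is one line of ipchains arguments. emit_rules is the single
# source of truth, so the dry run and the real load cannot drift apart.
emit_rules() {
    # Start clean, then default-deny everything (DENY drops silently).
    echo "-F input"
    echo "-F output"
    echo "-P input DENY"
    echo "-P output DENY"
    echo "-P forward DENY"

    # Loopback is unconditional; local services break without it.
    echo "-A input -i lo -j ACCEPT"
    echo "-A output -i lo -j ACCEPT"

    # ICMP: the reply's advice applied literally, both directions.
    echo "-A input -p icmp -j DENY"
    echo "-A output -p icmp -j DENY"

    # Inbound services this box offers: http and ssh. The matching output
    # rules let the replies (source port 80/22) leave.
    for port in 80 22; do
        echo "-A input -p tcp -s 0/0 -d $MYIP $port -j ACCEPT"
        echo "-A output -p tcp -s $MYIP $port -d 0/0 -j ACCEPT"
    done

    # DNS: UDP only, and only to our resolver. No rule mentions TCP 53, so a
    # zone transfer attempt in either direction hits the DENY policy.
    echo "-A output -p udp -s $MYIP -d $DNS 53 -j ACCEPT"
    echo "-A input -p udp -s $DNS 53 -d $MYIP -j ACCEPT"

    # Outbound client connections from unprivileged ports: http, ssh and the
    # ftp control channel (21). Passive-mode ftp data channels go to a
    # server-chosen high port, hence the high->high rule; active mode would
    # need inbound SYNs from port 20, which this policy does not allow, so
    # use passive mode from this box.
    for dport in 80 22 21 1024:65535; do
        echo "-A output -p tcp -s $MYIP 1024:65535 -d 0/0 $dport -j ACCEPT"
    done

    # ipchains has no connection tracking: replies are recognised only as
    # "TCP to an unprivileged port that is not a bare SYN" (! -y). A new
    # connection to a high port still falls through to the DENY policy.
    echo "-A input -p tcp ! -y -s 0/0 -d $MYIP 1024:65535 -j ACCEPT"

    # Log (-l) whatever is about to be dropped so tuning is visible in the
    # kernel log; the policy would drop it anyway.
    echo "-A input -l -j DENY"
    echo "-A output -l -j DENY"
}

# Feed each line to ipchains; word splitting of $line is intentional.
apply_rules() {
    emit_rules | while read -r line; do
        $IPCHAINS $line || { echo "failed: ipchains $line" >&2; exit 1; }
    done
}

# Self-check used when tuning: number of TCP rules touching port 53 (want 0).
tcp53_rules() {
    emit_rules | grep -- '-p tcp' | grep -c ' 53 ' || true
}

case "${1:-}" in
    --apply) apply_rules ;;
    *)       emit_rules ;;
esac
```

Two things worth knowing before loading this on a real box. The `! -y` rule is the only thing standing in for connection tracking, because ipchains is stateless (the ip_masq_ftp helper only covers masqueraded clients, not this host itself), so passive ftp costs an outbound high-to-high allowance that is wider than the asker's list. And the ICMP rules do exactly what the reply suggests; the quoted question already notes that blocking ICMP has consequences, and path MTU discovery is the one that bites first, so watch for stalled large transfers after loading it.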