[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CLOSING a web server!!!!!!

On Thu, 30 Jan 2003, [iso-8859-1] Iñaki Martínez wrote:

>   21 -> only from my fix IP

Use scp.  FTP requires some very b0rken firewalling.

>   22 -> only from my fix IP



$IPT -A INPUT -t tcp --dport 22 -s $fix_IP -d $local_IP -j ACCEPT

>   53 -> any IP (only for my domains = BIND config)

What do you mean, only for your domains?  Only allow people from your
domains to query you?  Then why "any IP"?  Your firewall can't stop people
from asking you about www.google.com...

>   80 -> any IP obiously

$IPT -A INPUT -t tcp --dport 80 -d $local_IP -j ACCEPT

>  443 -> same as 80


>  What are the BETTER and MORE SECURE iptables rules for this server????

Those above work for me.

>  NOTE: i am NOT an expert, but i know iptables syntax, options and rules.

Well, there you are then.

#include <disclaimer.h>
Matthew Palmer, Geek In Residence

Reply to: