
Re: secured server policies



Alexandr Shurigin wrote:
Hello guys

I have trouble. I read and read, and I think it is better to ask professionals :)

I have a server which must have only ports 80 and 22 shared. All other ports I want to close with iptables.

Which rules must I use?

Thanks. Have a good day :)

--
Best regards, Александр Шурыгин
icq 254106594
email: ya@phpdude.ru
phone: +7 902 265 81 66

Hello:

One possibility ...

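# Default policy for the INPUT chain: drop whatever no rule accepts
iptables -P INPUT DROP

# Log TCP packets addressed to port 22
iptables -t filter -A INPUT -p tcp -m tcp --dport 22 -j LOG --log-prefix 'TRY UNKNOW SSH ACCESS ' --log-level 4

# Accept HTTP to the server's address from any source
iptables -t filter -A INPUT -s 0/0 -d "your.local.ip" -p tcp --sport 1024:65535 --dport 80 -j ACCEPT

# Accept SSH only from the given client address
iptables -t filter -A INPUT -s "your.ip.client." -d "your.local.ip" -p tcp --sport 1024:65535 --dport 22 -j ACCEPT

# Explicit final drop for the INPUT chain
iptables -t filter -A INPUT -j DROP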

Make sure that the following modules are loaded (at a minimum):

/sbin/modprobe ip_tables
/sbin/modprobe iptable_filter
/sbin/modprobe ipt_LOG

These rules work well on the 2.6.18 kernel.

I hope that my help is useful to him. (Huh?)

PS: I'm not a professional.
PS2: Sorry for my English.

Bye.
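
Added example, not part of the original thread: the same policy (only TCP 80 and 22 reachable) written as an iptables-restore ruleset, which is loaded in one step so an SSH session is not cut off between setting the DROP policy and adding the ACCEPT rules. The function names, the loopback and ESTABLISHED rules, and the two addresses (documentation ranges) are assumptions of this example.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset exposing only TCP 80 and 22.
# Addresses used at the bottom are constructed (RFC 5737 documentation ranges).

# is_ipv4 ADDR -> exit 0 if ADDR has the shape of an IPv4 address or CIDR block.
# Shape check only; it rejects placeholders such as "your.local.ip".
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# gen_rules SERVER_IP ADMIN_IP -> ruleset on stdout, non-zero exit on bad input.
gen_rules() {
    server_ip=$1
    admin_ip=$2
    is_ipv4 "$server_ip" && is_ipv4 "$admin_ip" || {
        echo "gen_rules: expected two IPv4 addresses" >&2
        return 1
    }
    # FORWARD and OUTPUT stay at ACCEPT, as the reply leaves them untouched.
    # Order matters: the LOG rule comes after the SSH ACCEPT, so only
    # port-22 packets from other sources are logged before the policy drops them.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -d $server_ip -p tcp --dport 80 -j ACCEPT
-A INPUT -s $admin_ip -d $server_ip -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 22 -j LOG --log-prefix "TRY UNKNOW SSH ACCESS " --log-level 4
COMMIT
EOF
}

# Stand-alone run: print the ruleset for review before loading it.
gen_rules 192.0.2.10 198.51.100.7
```

Save the output to a file and load it as root with iptables-restore. The ESTABLISHED,RELATED rule lets replies to connections the server itself opens (DNS lookups, package updates) back in, which the INPUT DROP policy would otherwise discard.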

