
Re: IPtables bash script



On 2016-05-23 19:54, Ralph Sanchez wrote:
> Yes, this is a personal laptop. If you notice, I have default POLICY
> as DROP, which means if I don't accept on ports 80 and 443 I can't
> accept HTTPS and HTTP, correct? I'm still learning how all this works,
> but that's what it seemed to me and was explained in other guides and
> tutorials I needed to do. And if I don't ACCEPT there, I don't get any
> web pages whatsoever so.
Whenever you perform an HTTP(S) request, the response should be treated
as RELATED, hence allowing all RELATED inbound traffic should suffice.

> Thanks for the Advice on NEW, I haven't seen much said about it so
> I'll take that advice and just enable RELATED as well, considering
> that solves the biggest problem I had as far as still accessing the
> web.
> 
> And as far as blocking outbound, I just don't see any reason to allow
> any more data in or out at any moment than is absolutely needed, and
> it should help mitigate some malicious software calling home even if
> it does get through into my system.
It could still connect via 80, 443. However, you are right, your setup
will block those malicious pieces of software that do not try to use
those (and that do not gain root rights).

> Thanks for the reading, that's where I'm heading now : )
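
Added example, not part of the original thread: a ruleset in iptables-restore format for the laptop setup discussed above, with default DROP on every chain and no inbound port rules. Conntrack matches reply packets of a connection the host opened as ESTABLISHED and associated traffic such as ICMP errors as RELATED, so the rule lists both; the DNS (port 53) and loopback rules and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). IPv4 only; DNS and loopback
# rules are assumptions, since the original script is not shown.

# Print the ruleset in iptables-restore format.
build_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Count INPUT rules that open a destination port to unsolicited
# traffic. A client-only laptop should have none: web replies come
# back on the connection the browser opened.
count_inbound_ports() {
    build_rules | grep -- '^-A INPUT' | grep -c -- '--dport' || true
}

# check: parse the rules without loading them (needs root)
# apply: load the rules (needs root)
# anything else: print the ruleset
case "${1:-}" in
    check) build_rules | iptables-restore --test ;;
    apply) build_rules | iptables-restore ;;
    *)     build_rules ;;
esac
```

After loading, `iptables -L -v -n` shows per-rule packet counters, which confirms that web responses are hitting the conntrack rule on INPUT.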

