[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bloquear Scan ..



Acho que isso pode ajudar...


####################################### PING, PORTSCAN, IP SPOOFING  ###########################################
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -j DROP # CONTRA PING
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT # CONTRA PING OF DEATH
/sbin/iptables -A INPUT -p tcp -m limit --limit 1/s -j ACCEPT # CONTRA ATAQUES SYN-FLOOD
/sbin/iptables -A INPUT -m unclean -j DROP # DROPA PACOTES SUSPEITOS OU DANIFICADOS
/sbin/iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-option 64 -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-option 128 -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,ACK,FIN,RST SYN,ACK,FIN -m limit --limit 1/s -j ACCEPT # Postscanners Ocultos
/sbin/iptables -A INPUT -p udp -s 0/0 -i eth+ --dport 33435:33525 -j DROP # Bloqueando traceroute
/sbin/iptables -A INPUT -s 10.0.0.0/8 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 127.0.0.0/8 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 172.16.0.0/16 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 192.168.0.0/24 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 224.0.0.0/8 -d 0/0 -j DROP # Bloquear Multicast
/sbin/iptables -A INPUT -s 0/0 -d 224.0.0.0/8 -j DROP # Bloquear Multicast
##################################################################################################################





On Wed, 22 Sep 2004 0:00:25 -0000, Eduardo Augusto Pinto wrote

> Pessoal , alguém conhece alguma regra no Iptables ou algum software que Bloqueie Scan ..
>
> Desde já agradeço,
> -----------------------------------------------
> Eduardo Augusto Pinto
> Analista de Suporte
> Linux User: #335173
> Tel. 11-9848-2121
>
> ________________________________________________
> Message sent using UebiMiau 2.7
> -- To UNSUBSCRIBE, email to debian-user-portuguese-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


--
Gustavo Pardellas Feijó
feijo@gustavofeijo.com
icq # 157322283
--------------------------
| Microsoft's butterfly  |
|is their way off telling|
|you their systems have a|
|$@#! lot of buggs.      |
--------------------------

Reply to: