Re: Bloquear Scan ..

To: "Eduardo Augusto Pinto" <eduardo@veronezi.no-ip.org>, "Lista Conectiva" <cl-bounces@distro2.conectiva.com.br>, "Lista Debian" <debian-user-portuguese@lists.debian.org>, "Lista Slack" <geral@slackware-brasil.com.br>
Subject: Re: Bloquear Scan ..
From: "Gustavo Pardellas Feijó" <feijo@gustavofeijo.com>
Date: Wed, 22 Sep 2004 12:04:50 -0200
Message-id: <[🔎] 20040922140408.M17380@gustavofeijo.com>
In-reply-to: <[🔎] 20040922030025.8862FD6F5@silviasaints.veronezi.no-ip.org>
References: <[🔎] 20040922030025.8862FD6F5@silviasaints.veronezi.no-ip.org>

Acho que isso pode ajudar...

####################################### PING, PORTSCAN, IP SPOOFING ###########################################
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -j DROP # CONTRA PING
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT # CONTRA PING OF DEATH
/sbin/iptables -A INPUT -p tcp -m limit --limit 1/s -j ACCEPT # CONTRA ATAQUES SYN-FLOOD
/sbin/iptables -A INPUT -m unclean -j DROP # DROPA PACOTES SUSPEITOS OU DANIFICADOS
/sbin/iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-option 64 -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-option 128 -j DROP # Dropa Portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,ACK,FIN,RST SYN,ACK,FIN -m limit --limit 1/s -j ACCEPT # Postscanners Ocultos
/sbin/iptables -A INPUT -p udp -s 0/0 -i eth+ --dport 33435:33525 -j DROP # Bloqueando traceroute
/sbin/iptables -A INPUT -s 10.0.0.0/8 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 127.0.0.0/8 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 172.16.0.0/16 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 192.168.0.0/24 -i eth+ -j DROP # Protecao contra IP spoofing
/sbin/iptables -A INPUT -s 224.0.0.0/8 -d 0/0 -j DROP # Bloquear Multicast
/sbin/iptables -A INPUT -s 0/0 -d 224.0.0.0/8 -j DROP # Bloquear Multicast
##################################################################################################################

On Wed, 22 Sep 2004 0:00:25 -0000, Eduardo Augusto Pinto wrote
> Pessoal , alguém conhece alguma regra no Iptables ou algum software que Bloqueie Scan ..
>
> Desde já agradeço,
> -----------------------------------------------
> Eduardo Augusto Pinto
> Analista de Suporte
> Linux User: #335173
> Tel. 11-9848-2121
>
> ________________________________________________
> Message sent using UebiMiau 2.7
> -- To UNSUBSCRIBE, email to debian-user-portuguese-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

--
Gustavo Pardellas Feijó
feijo@gustavofeijo.com
icq # 157322283
--------------------------
| Microsoft's butterfly |
|is their way off telling|
|you their systems have a|
|$@#! lot of buggs. |
--------------------------

Reply to:

References:
- Bloquear Scan ..
  - From: "Eduardo Augusto Pinto" <eduardo@veronezi.no-ip.org>

Prev by Date: Re: dead-letter ao fechar o mutt- SOLUCAO
Next by Date: Re: Bloquear Kazaa e e-mule
Previous by thread: Bloquear Scan ..
Next by thread: Re: Bloquear Scan ..
Index(es):
- Date
- Thread