--------- Original Message --------
From: "Gustavo Pardellas Feijó" <feijo@gustavofeijo.com>
To: "Eduardo Augusto Pinto" <eduardo@veronezi.no-ip.org>, "Lista Conectiva" <cl-bounces@distro2.conectiva.com.br>, "Lista Debian" <debian-user-portuguese@lists.debian.org>, "Lista Slack" <geral@slackware-brasil.com.br>
Subject: Re: Block Scan ..
Date: 22/09/04 14:20

I think this might help...

####################################### PING, PORTSCAN, IP SPOOFING ###########################################
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -j DROP # against ping
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT # against ping of death
/sbin/iptables -A INPUT -p tcp -m limit --limit 1/s -j ACCEPT # against SYN-flood attacks
/sbin/iptables -A INPUT -m unclean -j DROP # drop suspicious or malformed packets
/sbin/iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP # drop portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP # drop portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP # drop portscan
/sbin/iptables -A INPUT -p tcp --tcp-option 64 -j DROP # drop portscan
/sbin/iptables -A INPUT -p tcp --tcp-option 128 -j DROP # drop portscan
/sbin/iptables -A INPUT -p tcp --tcp-flags SYN,ACK,FIN,RST SYN,ACK,FIN -m limit --limit 1/s -j ACCEPT # stealth port scanners
/sbin/iptables -A INPUT -p udp -s 0/0 -i eth+ --dport 33435:33525 -j DROP # block traceroute
/sbin/iptables -A INPUT -s 10.0.0.0/8 -i eth+ -j DROP # IP spoofing protection
/sbin/iptables -A INPUT -s 127.0.0.0/8 -i eth+ -j DROP # IP spoofing protection
/sbin/iptables -A INPUT -s 172.16.0.0/12 -i eth+ -j DROP # IP spoofing protection
/sbin/iptables -A INPUT -s 192.168.0.0/16 -i eth+ -j DROP # IP spoofing protection
/sbin/iptables -A INPUT -s 224.0.0.0/4 -d 0/0 -j DROP # block multicast
/sbin/iptables -A INPUT -s 0/0 -d 224.0.0.0/4 -j DROP # block multicast
##################################################################################################################

On Wed, 22 Sep 2004 0:00:25 -0000, Eduardo Augusto Pinto wrote
> Folks, does anyone know of an iptables rule or some software that blocks scans?
>
> Thanks in advance,
> -----------------------------------------------
> Eduardo Augusto Pinto
> Support Analyst
> Linux User: #335173
> Tel. 11-9848-2121
>
> ________________________________________________
> Message sent using UebiMiau 2.7
--
Gustavo Pardellas Feijó
feijo@gustavofeijo.com
icq # 157322283
--------------------------
| Microsoft's butterfly  |
|is their way of telling |
|you their systems have a|
|$@#! lot of bugs.       |
--------------------------