
Re: firewalling


> One machine I administer has this rule
> /sbin/ipchains -A input -j REJECT -i $HOTCARD -p tcp -s $ANYCIDR -d $HOTHOME ! 20:80 -v -y $LOGIT
> This allows incoming traffic that has the SYN flag on (i.e. incoming, trying
> to establish a new connection) to work only on ports 20 through 80.
> Even on a well-administered firewall, this kind of rule can protect you
> from accidentally installing something that exposes you to additional risk.
> And on a firewall which has software on it that your client insists on,
> it can really reduce your exposure!

Thanks for the advice! I tried to follow your command line and read the
manpage, but I could not entirely find out which addresses I must use.
I have an ethernet card (eth2) with address connected to the
ADSL modem. When the connection is established, I also get a new interface
ppp0 with address

Is $HOTCARD ppp0 or eth2?
Must I set $ANYCIDR to and $HOTHOME to or something else?
Is there also a way to slow portscans down with this command?
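
The matching logic of the quoted rule, modeled in Python as an added example that is not part of the original thread: it shows which packets the `! 20:80` and `-y` tests reject and which fall through. The interface name `ext0`, the addresses and the sample packets are constructed placeholders, and `ANYCIDR` is assumed to mean any source.

```python
import ipaddress
from dataclasses import dataclass

FIN, SYN, ACK = 0x01, 0x02, 0x10    # TCP flag bits

# Constructed stand-ins for the rule's shell variables (not from the thread).
HOTCARD = "ext0"             # hypothetical external interface name
ANYCIDR = "0.0.0.0/0"        # assumption: any source address
HOTHOME = "192.0.2.10/32"    # constructed documentation address

@dataclass
class Packet:
    iface: str
    proto: str
    src: str
    dst: str
    dport: int
    flags: int

def is_syn_only(flags):
    """ipchains -y: SYN set with ACK and FIN clear (a new connection attempt)."""
    return bool(flags & SYN) and not flags & (ACK | FIN)

def rule_rejects(pkt, lo=20, hi=80):
    """True only when the packet matches every test in the REJECT rule."""
    return (
        pkt.iface == HOTCARD                                  # -i $HOTCARD
        and pkt.proto == "tcp"                                # -p tcp
        and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(ANYCIDR)
        and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(HOTHOME)
        and not lo <= pkt.dport <= hi                         # ! 20:80
        and is_syn_only(pkt.flags)                            # -y
    )

def verdict(pkt):
    # A packet that does not match continues to later rules or the chain policy.
    return "REJECT" if rule_rejects(pkt) else "continue"

if __name__ == "__main__":
    samples = [   # constructed packets
        Packet("ext0", "tcp", "198.51.100.7", "192.0.2.10", 6000, SYN),
        Packet("ext0", "tcp", "198.51.100.7", "192.0.2.10", 25, SYN),
        Packet("ext0", "tcp", "198.51.100.7", "192.0.2.10", 6000, ACK),
    ]
    for p in samples:
        print(p.dport, hex(p.flags), verdict(p))
```

Replies to connections opened from the inside carry ACK, so they never match this rule even when they arrive on a high port.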

