2008/11/10 Manuel Gomez <mgdpz1@gmail.com>
Hi, I would like to read opinions about my firewall settings:
I am using Iptables with Shorewall (frontend) and my configuration is:
- Default Policy: REJECT all connections.
- Rules: Allow DNS (my DNS servers), allow HTTP and HTTPS connections for servers: www.google.es, ...
So, nobody except these servers can connect with me (inbound and outbound).
Is this type of configuration secure? How could they attack me?

By using REJECT instead of DROP, you have no stealth. This means you can be port-scanned to look for weaknesses, e.g. unpatched OpenSSH vulnerabilities, etc.
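
To see which of the two dispositions discussed above a ruleset really applies to traffic no rule allowed, the following added example (not part of the thread, and not code from Shorewall) reads `iptables-save` text and reports, per built-in chain, whether unmatched packets end in REJECT or DROP, following unconditional jumps into user-defined chains. The sample ruleset, its addresses and the `catchall` chain name are constructed, and `-g` (goto) rules are assumed absent.

```python
import shlex
TERMINAL = {"ACCEPT", "DROP", "REJECT"}
# Constructed iptables-save sample: addresses and the "catchall" chain are made up.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:catchall - [0:0]
-A INPUT -j catchall
-A OUTPUT -d 192.0.2.53/32 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 198.51.100.10/32 -p tcp -m multiport --dports 80,443 -j ACCEPT
-A OUTPUT -j DROP
-A catchall -j REJECT --reject-with icmp-port-unreachable
COMMIT
"""

def parse(ruleset):  # returns (policies, rules) for the filter table only
    policies, rules, table = {}, {}, None
    for line in map(str.strip, ruleset.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            rules.setdefault(chain, [])
            if policy != "-":              # user-defined chains have no policy
                policies[chain] = policy
        elif table == "filter" and line.startswith("-A "):
            tokens = shlex.split(line)
            rules.setdefault(tokens[1], []).append(tokens[2:])
    return policies, rules

def unmatched_verdict(chain, policies, rules):
    """Verdict for a packet that no selective rule in `chain` matched."""
    for rule in rules.get(chain, []):
        target = rule[1] if rule[:1] == ["-j"] else None  # None: rule has matches
        if target in TERMINAL:
            return target
        if target == "RETURN":
            break
        if target in rules and (v := unmatched_verdict(target, policies, rules)):
            return v
    return policies.get(chain)             # user chain yields None: back to caller

def audit(ruleset):
    policies, rules = parse(ruleset)
    return {c: unmatched_verdict(c, policies, rules) for c in policies}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

In the sample, INPUT has a built-in policy of DROP yet still answers unmatched packets with REJECT, because the catch-all rule is reached before the policy.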