Re: iptables firewall

To: debian-user@lists.debian.org
Subject: Re: iptables firewall
From: Mike McClain <mike.junk@nethere.com>
Date: Wed, 30 Jul 2014 08:33:35 -0700
Message-id: <[🔎] 20140730153335.GE14982@playground>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20140730081851.70446356@jretrading.com>
References: <[🔎] 20140730081851.70446356@jretrading.com>

On Wed, Jul 30, 2014 at 08:18:51AM +0100, Joe wrote:
<snip>
> Something else you might do now is to place temporary logging rules
> before your 'DROP' rules, to confirm whether it is indeed iptables
> which is blocking those packets. No logs, it's somebody or something
> else. And if you have anything other than just a bare modem between you
> and the outside world, which is not really best practice, then the first
> place to look is the Net router.

The temporary logging rules is a good idea, I'll do that.

> And as someone else asked, why are you worried about this 'stealth'? As
> long as the bad packets don't get in, what does it matter?

Why is there a DROP instruction in iptables as well as REJECT?

If a hacker gets no response he's less likely to dig further.

Thanks for your thoughts.
Mike
--
Who knows what evil lurks in the hearts of men?

Reply to:

Follow-Ups:
- Re: iptables firewall
  - From: Sven Hartge <sven@svenhartge.de>
- Re: iptables firewall
  - From: Nemeth Gyorgy <friczy@freemail.hu>

References:
- Re: iptables firewall
  - From: Joe <joe@jretrading.com>

Prev by Date: Re: iptables firewall
Next by Date: Re: iptables firewall
Previous by thread: Re: iptables firewall
Next by thread: Re: iptables firewall
Index(es):
- Date
- Thread