LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-15-2004, 03:03 AM   #1
Fenster
Member
 
Registered: Jul 2004
Location: Ireland
Distribution: Fedora Core 2
Posts: 70

Rep: Reputation: Disabled
Help configuring iptables needed.


Over the past few days my system has come under several attacks, most recently last night and besides that I'm generally paranoid about my security, so I'm trying to configure iptables to block more or less all traffic. I tried serveral of the graphical "firewall" programs floating around for Linux, but I realise that these are just gui front-ends for iptables and from what I've seen, they aren't worth squat.

However, my problem with iptables is that those guide for it that I've found so far on the internet assume a level of expertise that I simply don't have, and skip what I'd consider the basics in favour of advanced scripting.

All I want to do is to set iptables to what I assume is a standard network setup, which I'd describe as follows: "block all internet traffic and stealth all ports except for specific services and applications that I choose to allow"

If anyone out there can point me the right way, I'd consider you a huge lifesaver.

Last edited by Fenster; 09-15-2004 at 05:09 AM.
 
Old 09-15-2004, 03:55 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 49
If you browse through the examples on LQ, you should find a lot of very simple Firewall scripts that you can use and modify. Let me find a few for you...
 
Old 09-15-2004, 05:07 AM   #3
Fenster
Member
 
Registered: Jul 2004
Location: Ireland
Distribution: Fedora Core 2
Posts: 70

Original Poster
Rep: Reputation: Disabled
Cheers!

I didn't get a chance to search this morning when I posted as I was on my way out the door to work.
 
Old 09-15-2004, 05:16 AM   #4
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 49
You may find some help here....
http://www.linuxquestions.org/questi...34#post1149834
let me know if you would like to customize it.
 
Old 09-15-2004, 05:23 AM   #5
colabus
Member
 
Registered: Mar 2004
Distribution: Debian Sarge, FC4
Posts: 100

Rep: Reputation: 15
Here's a good place to start http://www.linuxguruz.com/iptables/howto/ (It's where I started)
 
Old 09-15-2004, 09:51 AM   #6
Dummy-in-Linux
Member
 
Registered: Jun 2004
Location: Bangkok, Thailand
Distribution: Fedora 25 86_64
Posts: 357

Rep: Reputation: 32
Hello Fenster,

Iím using Firestarter (http://firestarter.sourceforge.net/) takes out all the difficult parts of the Firewall setup.

It also shows real time log and events for your settings.

With kind regards,

Richard
 
Old 09-15-2004, 01:11 PM   #7
Fenster
Member
 
Registered: Jul 2004
Location: Ireland
Distribution: Fedora Core 2
Posts: 70

Original Poster
Rep: Reputation: Disabled
Quote:
Originally posted by Dummy-in-Linux
Hello Fenster,

Iím using Firestarter (http://firestarter.sourceforge.net/) takes out all the difficult parts of the Firewall setup.

It also shows real time log and events for your settings.

With kind regards,

Richard
I tried firestarter. It didn't really do anything other than sit there.

I was watching on tcpdump and Ethereal last night as someone scanned my ports and it didn't report a single thing. Stuff like that.

Last edited by Fenster; 09-27-2004 at 01:03 PM.
 
Old 09-15-2004, 02:26 PM   #8
killer_bunny
Member
 
Registered: Oct 2003
Location: Croatia
Distribution: RedHat 9, Slack
Posts: 106

Rep: Reputation: 15
###############
# INPUT #
###############

# Droping all new and invalid connections coming from outside and loging them
# Check out log by runing *dmesg* as root
/sbin/iptables -A INPUT -i ppp0 -m state --state NEW,INVALID -j LOG
/sbin/iptables -A INPUT -i ppp0 -m state --state NEW,INVALID -j DROP

# Drop all tcp connection request coming from outside (syn packets)
/sbin/iptables -A INPUT -i ppp0 -p tcp --syn -j DROP

# Do not ping me you ******* ...
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

##################
# FORWARD #
##################

# Drop ALL on this chain
/sbin/iptables -P FORWARD DROP

#################
# OUTPUT #
#################

# Just in case... (no ping replys, pongs)
/sbin/iptables -A OUTPUT -p icmp --icmp-type echo-reply -j DROP


This is just a simple config...
It should be enough for you to be stealth from port scanners and script kiddies...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
help needed, ultra newbie configuring sound.... haora Linux - Newbie 4 03-21-2005 12:15 PM
Help Needed Configuring Ethernet Card eklitzke Linux - Networking 5 09-01-2004 02:26 PM
iptables are needed tekmorph Linux - Software 4 08-30-2004 07:32 PM
Help needed configuring lilo unicef2k Linux - General 3 07-22-2004 11:55 AM
Help Needed Configuring Modem. Rubicone Linux - Software 1 03-04-2002 08:36 PM


All times are GMT -5. The time now is 12:56 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration