LinuxQuestions.org
Old 05-26-2003, 11:16 AM   #1
engnet
Member
 
Registered: May 2003
Posts: 30

Rep: Reputation: 15
IPChains & External Ports


Hello all, need some advice regarding ipchains. I am looking for a way to close off the following ports on external connections only:

VNC
X11
SMB

Leaving SSH enabled for external connections across PPPD and Wireless LAN on secondary subnet.

Any help would be great

Chris H
 
Old 05-26-2003, 11:19 AM   #2
manthram
Member
 
Registered: Feb 2002
Location: Fairfax, VA
Distribution: RedHat 8, Mandrake9.1, Slack9
Posts: 456

Rep: Reputation: 31
What distro are you running? Better to use iptables; there are a lot of wrappers for iptables and it is very good. iptables is the standard for firewalls these days.

you can use firestarter or guarddog to accomplish this
 
Old 05-26-2003, 11:22 AM   #3
engnet
Member
 
Registered: May 2003
Posts: 30

Original Poster
Rep: Reputation: 15
Many thanks. I am using RH7.2/2.4.7-10 and have 2 servers running, one as router and one as domain controller.

Am just looking for a quick way to block these ports via external links.

Cheers

Chris H
 
Old 05-28-2003, 04:02 AM   #4
Robert0380
LQ Guru
 
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280

Rep: Reputation: 47
if you know the port numbers:

iptables -A INPUT -s ! LAN_IPs -p tcp --dport SMB_PORT -j DROP
iptables -A INPUT -s ! LAN_IPs -p udp --dport SMB_PORT -j DROP

iptables -A INPUT -s ! LAN_IPs -p tcp --dport VNC_PORT -j DROP
iptables -A INPUT -s ! LAN_IPs -p udp --dport VNC_PORT -j DROP

iptables -A INPUT -s ! LAN_IPs -p tcp --dport X11_PORT -j DROP
iptables -A INPUT -s ! LAN_IPs -p udp --dport X11_PORT -j DROP

LAN_IPs must be replaced by something like 192.168.0.0/16, depending on what your LAN network and subnet mask are. Also, where I have VNC_PORT and X11_PORT you should replace them with real port numbers (X11 = 6000, the others I don't know by heart). If you do that, it will close off those 3 ports to udp and tcp connection attempts from any IP that's not on the local network.
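
Added example (not part of the thread and not any poster's code): a shell script that prints the rules from post #4 with the well-known ports for SMB, VNC and X11 filled in, so they can be reviewed before being applied. The LAN range 192.168.0.0/16 (the post's sample value), the display range :0 to :3 for VNC and X11, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: prints the DROP rules from post #4 with real port numbers.
# Nothing is applied unless the output is piped to a root shell.

# Assumed LAN range (the post's sample value); override via the environment.
LAN_NET="${LAN_NET:-192.168.0.0/16}"

# Accept only digits, dots and a single slash in roughly a.b.c.d/len shape,
# so the value is safe to interpolate; iptables does the strict parsing.
valid_cidr() {
    case "$1" in
        *[!0-9./]*|""|*/*/*) return 1 ;;
        [0-9]*.[0-9]*.[0-9]*.[0-9]*/[0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Well-known ports as first:last ranges, limited to the protocol each service
# uses. Covering displays :0 to :3 for VNC and X11 is an assumption.
service_ports() {
    cat <<'EOF'
smb udp 137:138
smb tcp 139
smb tcp 445
vnc tcp 5800:5803
vnc tcp 5900:5903
x11 tcp 6000:6003
EOF
}

# gen_rules CHAIN -> one iptables command per line.
# INPUT covers traffic addressed to this host; FORWARD covers traffic the
# router passes on to other machines (such as the domain controller).
# "! -s" is the current negation syntax; older iptables releases took
# "-s ! NET", as written in the post.
gen_rules() {
    chain="${1:-INPUT}"
    valid_cidr "$LAN_NET" || { echo "bad LAN_NET: $LAN_NET" >&2; return 1; }
    service_ports | while read -r name proto ports; do
        echo "iptables -A $chain ! -s $LAN_NET -p $proto --dport $ports -j DROP  # $name"
    done
}

gen_rules INPUT
```

SSH (port 22) stays reachable because no rule names it. Since -A appends, any earlier ACCEPT rule that matches these ports in the same chain still wins.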
 
  

