Hello everybody, I've got a wireless network running at my house... I've got several computers set up, and have allowed the AP to be used by anybody in the immediate area without any MAC address limitations, etc...
I do however have my development machine (mainly web programming/application hacking), with an Apache server on port 80 that I don't want anybody to be able to access (other than a single PayPal address, for testing a payment service I'm working on)... Since I started port forwarding to my computer (for the PayPal service to access), I've logged about 4 unauthorized visits... Two of which were obviously script kiddies. That got me a little concerned...
So I just started with iptables today to help me feel a little more secure, and have set up the following:
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  127.0.0.1            0.0.0.0/0
ACCEPT     all  --  192.168.0.1          0.0.0.0/0
ACCEPT     all  --  66.135.197.164       0.0.0.0/0
DROP       tcp  -- !192.168.0.0/24       0.0.0.0/0           tcp dpt:80
DROP       all  --  192.168.0.0/24       0.0.0.0/0
DROP       udp  -- !192.168.0.0/24       0.0.0.0/0           udp dpt:80
The 66.135.197.164 address is the PayPal server... 192.168.0.1 is my wireless gateway's address... The wireless gateway has its own firewall configured to block all external traffic, except what's headed to port 80 on my computer...
So. What I'm trying to do is block all the traffic to my machine from
1) Script kiddies from remote locations
2) From machines on my wireless network.
And accept all traffic from
1) localhost
2) PayPal's payment notification server....
Will this work for me? Is there anything else I should be doing?
Thank you,
James
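
An added example, not part of the original post: a small Python model of iptables' first-match evaluation over the INPUT chain listed above, showing which rule decides a few sample packets. The source addresses 203.0.113.7 and 192.168.0.50 are constructed, and the model ignores the destination column because every rule uses 0.0.0.0/0.

```python
import ipaddress

# INPUT chain as listed in the post (iptables -L -n columns:
# target, prot, opt, source, destination, optional port match).
LISTING = """\
ACCEPT all -- 127.0.0.1 0.0.0.0/0
ACCEPT all -- 192.168.0.1 0.0.0.0/0
ACCEPT all -- 66.135.197.164 0.0.0.0/0
DROP tcp -- !192.168.0.0/24 0.0.0.0/0 tcp dpt:80
DROP all -- 192.168.0.0/24 0.0.0.0/0
DROP udp -- !192.168.0.0/24 0.0.0.0/0 udp dpt:80
"""
POLICY = "ACCEPT"  # chain policy from the listing header


def parse(listing):
    """Turn each listing line into (target, proto, negate, network, dport)."""
    rules = []
    for line in listing.splitlines():
        f = line.split()
        target, proto, src = f[0], f[1], f[3]
        negate = src.startswith("!")          # "!" inverts the source match
        net = ipaddress.ip_network(src.lstrip("!"))
        dport = next((int(x[4:]) for x in f[5:] if x.startswith("dpt:")), None)
        rules.append((target, proto, negate, net, dport))
    return rules


def verdict(rules, src, proto, dport):
    """Return (target, rule_number); rule_number 0 means the chain policy."""
    addr = ipaddress.ip_address(src)
    for n, (target, rproto, negate, net, rdport) in enumerate(rules, 1):
        if rproto not in ("all", proto):
            continue                          # protocol does not match
        if (addr in net) == negate:
            continue                          # source does not match
        if rdport is not None and rdport != dport:
            continue                          # destination port does not match
        return target, n                      # first matching rule wins
    return POLICY, 0


if __name__ == "__main__":
    rules = parse(LISTING)
    # Constructed sample packets: (source, protocol, destination port).
    for pkt in [("66.135.197.164", "tcp", 80), ("203.0.113.7", "tcp", 80),
                ("192.168.0.50", "tcp", 80), ("203.0.113.7", "tcp", 22)]:
        print(pkt, "->", verdict(rules, *pkt))
```

The last sample packet matches no rule and falls through to the ACCEPT policy, so for non-LAN sources this chain filters only port 80 and everything else depends on the gateway's firewall.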