LinuxQuestions.org
Linux - Newbie forum
06-09-2003, 12:16 PM   #1
tailine (Member; registered Jun 2002; distribution: Slackware 9.0)

IPTables

I have a firewall running on my machine and I would like to lock down some open ports. I believe I need to filter the INPUT chain a little. I have read through a little documentation on http://www.netfilter.org/documentati...ial.html#AEN63

but I am not quite getting the hang of it. Can anyone point me in the right direction?

Last edited by tailine; 06-09-2003 at 01:02 PM.
 
06-09-2003, 01:44 PM   #2
Hangdog42 (LQ Veteran; Maryland; distribution: Slackware)
You're going to want something along the lines of:

iptables -A INPUT -p tcp --dport XXX -j DROP

Of course this can be modified in a bunch of different ways (like you want port access from your LAN but not your WAN), but that is a pretty basic chain to shut down a port. The tutorial you refer to is tough going, but everything you need to know about iptables is in there. Also do some searching around here because there are lots of discussions about iptables and how to set up rules.

Of course the BEST way to lock down a port is to remove unneeded servers.
 
06-09-2003, 01:55 PM   #3
tailine (Original Poster)
Thanks mate, I have managed to do that. I included it in my rc.firewall-2.4 script and ran it again.
Here is an example of the one I put in:
$IPTABLES -A INPUT --protocol tcp --source-port 113 -j DROP
$IPTABLES -A INPUT --protocol tcp --destination-port 113 -j DROP
$IPTABLES is pointing to iptables in the top of my rc.firewall-2.4 script.

Is it OK to do that, and how can I test that it works? I closed a series of ports including 113 (auth), which I do not really know what it does, but I heard it is a nasty one. Can you please advise me?

Last edited by tailine; 06-09-2003 at 01:57 PM.
 
06-09-2003, 03:32 PM   #4
Hangdog42 (LQ Veteran; Maryland; distribution: Slackware)
If you're looking for information on security, unSpawn has a terrific collection of links in the first thread of the LQO Security forum. I strongly suggest a read.

It looks like your rules are right. Port 113 should be shut down quite nicely (although you might have a search around here about port 113 since there are some opinions on whether you should DROP or REJECT this port).

In my opinion, there are no good or bad ports. It all depends on what you want from your machine. I've really got only ssh and ftp running, and ftp is locked down to my LAN only. You should also have a look at the startup scripts in your /etc/rc.d directory and comment out any services that you don't use. A port is well and truly closed if there is nothing listening. For checking for open ports, you could try nmap.

Finally, Simply Linux has a section on security that is worth a look.

Last edited by Hangdog42; 06-09-2003 at 03:34 PM.
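An added example, not from the thread and not code posted by either participant, that pulls together the points made in posts #2 and #4: the basic "-A INPUT -p tcp --dport XXX -j DROP" rule, the LAN-only variant Hangdog42 mentions, the DROP-versus-REJECT choice for port 113, and the check that nothing is listening on the port afterwards. It is written as a POSIX sh fragment in the style of an rc.firewall script. Assumptions (none of them from the thread): iptables lives at /usr/sbin/iptables, the LAN is 192.168.1.0/24 on eth0, and DRY_RUN=1 by default so the rules are printed rather than applied. The netstat listing it checks is a constructed sample, not output from anyone's machine.

```sh
#!/bin/sh
# Added example: close a TCP port on the INPUT chain (optionally keeping it
# open to the LAN), choosing DROP or REJECT, then verify nothing listens on it.
# Assumed values; override them in the environment as needed.
IPTABLES=${IPTABLES:-/usr/sbin/iptables}
LAN_NET=${LAN_NET:-192.168.1.0/24}
LAN_IF=${LAN_IF:-eth0}
DRY_RUN=${DRY_RUN:-1}    # 1 = print the rules, 0 = apply them (needs root)

# run_rule ARGS... : print the rule in dry-run mode, otherwise apply it.
run_rule() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s %s\n' "$IPTABLES" "$*"
    else
        "$IPTABLES" "$@"
    fi
}

# close_port PORT [DROP|REJECT] [lan]
# Blocks TCP connections to PORT from everywhere. REJECT answers with a TCP
# RST so the client fails fast; DROP is silent and leaves the client waiting.
# With a third argument "lan", hosts on $LAN_NET arriving via $LAN_IF keep
# access (the ACCEPT must precede the DROP/REJECT, since rules match in order).
close_port() {
    port=$1
    action=${2:-DROP}
    scope=${3:-all}
    case "$port" in
        ''|*[!0-9]*) echo "close_port: bad port '$port'" >&2; return 1 ;;
    esac
    if [ "$scope" = lan ]; then
        run_rule -A INPUT -i "$LAN_IF" -s "$LAN_NET" -p tcp --dport "$port" -j ACCEPT
    fi
    case "$action" in
        DROP)   run_rule -A INPUT -p tcp --dport "$port" -j DROP ;;
        REJECT) run_rule -A INPUT -p tcp --dport "$port" -j REJECT --reject-with tcp-reset ;;
        *) echo "close_port: action must be DROP or REJECT" >&2; return 1 ;;
    esac
}

# listening_ports: read `netstat -ltn`-style output on stdin and print the
# TCP ports that have a listener, one per line, numerically sorted.
# The Local Address column is field 4; the port is whatever follows the last ':'.
listening_ports() {
    awk '$1 == "tcp" && $NF == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -un
}

# port_is_closed PORT: succeed only if no listener on PORT appears in the
# netstat output on stdin. A firewall rule hides a port; this is the
# "nothing listening" check from post #4.
port_is_closed() {
    ! listening_ports | grep -qx "$1"
}

# Constructed sample of `netstat -ltn` output used for the verification step.
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:113             0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.10:21         0.0.0.0:*               LISTEN'

# Usage: the two rules this thread is about, in dry-run form.
close_port 113 REJECT      # ident/auth: answer with RST rather than leaving peers to time out
close_port 21 DROP lan     # ftp reachable from the LAN only, dropped from everywhere else
```

Run it with DRY_RUN=0 as root to apply the rules, then confirm from another host with something like `nmap -sT <your-ip>`; a REJECTed port reports as closed and a DROPped one as filtered. The tcp-reset choice for 113 matters because mail and IRC servers that do ident lookups wait for a timeout when the probe is silently dropped, which slows your own outbound connections to them. Pipe real `netstat -ltn` output into `port_is_closed 113` to see whether an ident daemon is still running; if it is, comment it out in /etc/rc.d (or /etc/inetd.conf) rather than relying on the firewall alone.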
 
  

