LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-16-2007, 06:52 AM   #1
ComputerHermit_
LQ Newbie
 
Registered: Feb 2007
Distribution: Ubuntu 7.10 Mint 4.0
Posts: 23

Rep: Reputation: 15
droping inside the network?


I'm trying to learn how to drop traffic from inside the network useing iptables. What I mean is other computers on the wireless router
so they can't login to my box? I drop their mac's and disabled samba this is not enof.
this guy lives around me and is somehow able to kill my linux box
persocomp 192.168.1.107 00:11:11:00:CA:05

also this is the tcpdump

07:25:51.177002 IP 192.168.1.118.32776 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
07:25:51.450515 IP 192.168.1.118.32776 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
07:25:51.727128 IP 192.168.1.118.32777 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
07:25:52.002570 IP 192.168.1.118.32777 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
07:25:52.278539 IP 192.168.1.118.32777 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
07:25:52.424732 802.1d config 8000.00:0f:66:b0:c2:7c.8002 root 8000.00:0f:66:b0:c2:7c pathcost 0 age 0 max 20 hello 2 fdelay 0
07:25:52.566862 IP 192.168.1.118.32777 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
07:25:52.842568 IP 192.168.1.118.32777 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
07:25:53.118573 IP 192.168.1.118.32777 > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
this is running all the time I get this all the time is this some kind of blackhole server



I'm a newbie and I'm still learning so please bare with me thank you

Last edited by ComputerHermit_; 08-16-2007 at 11:20 PM.
 
Old 08-16-2007, 08:23 AM   #2
tjyorkshire
Member
 
Registered: Jun 2007
Location: UK
Distribution: openSUSE 10.2
Posts: 138

Rep: Reputation: 15
so, you're saying that your connected to some sort of public wireless router/access point?
 
Old 08-16-2007, 06:37 PM   #3
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
What is your current host-based firewall setup? Do you really need to be able to log-in to your box from the wireless network? Also, what kind of security does your wireless have? WEP? WPA? Or is it open? Blacklisting MACs is not an effective solution to your problem IMHO.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Network server not viewable from inside network using domain name. Tear Syden Linux - Server 5 11-04-2006 06:17 AM
Cannot ssh inside my network cucolin@ Linux - Networking 16 07-24-2006 09:34 AM
stack droping packets (netif_rx) porous Programming 2 04-21-2005 09:16 AM
Can't ping inside network samus8zero2x Linux - Networking 11 09-21-2004 10:18 AM
URGENT - Cant boot up. ...droping you to a shell.... ForumKid Linux - General 2 02-02-2002 01:34 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration