Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Whoops, sorry I did not post that before. Here you go.
Here is iptables -L -v:
Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
400 44801 ACCEPT all -- lo any anywhere anywhere
434 156K DROP all -- eth0 any 10.0.0.0/8 anywhere
0 0 DROP all -- eth0 any 172.16.0.0/12 anywhere
0 0 DROP all -- eth0 any 192.168.0.0/16 anywhere
0 0 DROP all -- eth0 any 0.0.0.0/8 anywhere
0 0 DROP all -- eth0 any 127.0.0.0/8 anywhere
0 0 DROP all -- eth0 any 192.0.2.0/24 anywhere
0 0 DROP all -- eth0 any 169.254.0.0/16 anywhere
0 0 DROP all -- eth0 any BASE-ADDRESS.MCAST.NET/4 anywhere
0 0 DROP all -- eth0 any 240.0.0.0/5 anywhere
0 0 DROP all -- eth0 any 255.255.255.255 anywhere
0 0 DROP all -- any any 219.96.228.226 anywhere
0 0 DROP all -- any any 150.108.236.20 anywhere
0 0 DROP all -- any any 210.80.207.147 anywhere
0 0 DROP all -- any any celta.telemar.com.br anywhere
0 0 DROP all -- any any 24-148-22-92.na.21stcentury.net anywhere
0 0 SCAN tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
0 0 SCAN tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
1 40 SCAN tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
0 0 FLAGS tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
0 0 FLAGS tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
0 0 FLAGS tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
0 0 FLAGS tcp -- eth0 any anywhere anywhere tcp flags:SYN,RST/SYN,RST
0 0 FLAGS tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
0 0 FLAGS tcp -- eth0 any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG
0 0 LOG all -f eth0 any anywhere anywhere limit: avg 1/sec burst 5 LOG level info prefix `**FRAGMENT** '
0 0 DROP all -f eth0 any anywhere anywhere
0 0 ACCEPT udp -- any any 172.30.166.36 anywhere udp spt:bootps dpt:bootpc
0 0 ACCEPT udp -- any any cdnt01-a-rtr.roylok01.mi.comcast.net anywhere udp spt:bootps dpt:bootpc
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:auth
1 60 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:auth
0 0 ACCEPT udp -- any any ns01.pntiac01.mi.comcast.net anywhere udp spt:domain
0 0 ACCEPT udp -- any any ns02.pntiac01.mi.comcast.net anywhere udp spt:domain
0 0 ACCEPT udp -- any any ns1.ameritech.net anywhere udp spt:domain
0 0 ACCEPT tcp -- any any ns01.pntiac01.mi.comcast.net anywhere tcp spt:domain
0 0 ACCEPT tcp -- any any ns02.pntiac01.mi.comcast.net anywhere tcp spt:domain
0 0 ACCEPT tcp -- any any ns1.ameritech.net anywhere tcp spt:domain
0 0 LOG icmp -f eth0 any anywhere anywhere limit: avg 1/sec burst 5 LOG level info prefix `**ICMP FRAG** '
0 0 DROP icmp -f eth0 any anywhere anywhere
0 0 ACCEPT icmp -- eth0 any anywhere anywhere icmp destination-unreachable
0 0 ACCEPT icmp -- eth0 any anywhere anywhere icmp source-quench
0 0 ACCEPT icmp -- eth0 any anywhere anywhere icmp time-exceeded
0 0 ACCEPT icmp -- eth0 any anywhere anywhere icmp parameter-problem
160 14148 ACCEPT icmp -- eth0 any anywhere anywhere icmp echo-request
1 48 ACCEPT icmp -- eth1 any anywhere anywhere
0 0 ACCEPT icmp -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 LOG icmp -- any any anywhere anywhere limit: avg 1/sec burst 5 LOG level info prefix `**ICMP DROP** '
0 0 DROP icmp -- any any anywhere anywhere
20 1000 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:ssh
0 0 ACCEPT tcp -- eth0 any pcp03414601pcs.pimaco01.az.comcast.net anywhere tcp dpt:ssh
4306 237K ACCEPT tcp -- eth0 any 216-161-147-130.tcsn.qwest.net anywhere tcp dpt:ssh
0 0 ACCEPT tcp -- eth0 any cpe-66-1-46-3.az.sprintbbd.net anywhere tcp dpt:ssh
32298 2668K TRAFFIC all -- any any anywhere anywhere
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any 219.96.228.226 anywhere
0 0 DROP all -- any any 150.108.236.20 anywhere
0 0 DROP all -- any any 210.80.207.147 anywhere
0 0 DROP all -- any any celta.telemar.com.br anywhere
0 0 DROP all -- any any 24-148-22-92.na.21stcentury.net anywhere
4 216 ACCEPT tcp -- eth0 eth1 anywhere anywhere tcp dpt:webcache state NEW,RELATED,ESTABLISHED
0 0 ACCEPT tcp -- eth0 eth1 anywhere anywhere tcp dpt:http state NEW,RELATED,ESTABLISHED
2 120 ACCEPT tcp -- eth0 eth1 anywhere anywhere tcp dpt:smtp state NEW,RELATED,ESTABLISHED
103K 8095K TRAFFIC all -- any any anywhere anywhere
0 0 ACCEPT all -- eth0 eth1 anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT all -- eth1 eth0 anywhere anywhere
0 0 LOG all -- any any anywhere anywhere limit: avg 1/sec burst 5 LOG level info prefix `**FORWARD DROP** '
0 0 DROP all -- any any anywhere anywhere
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
400 44801 ACCEPT all -- any lo anywhere anywhere
0 0 DROP all -- any any anywhere 219.96.228.226
0 0 DROP all -- any any anywhere 150.108.236.20
0 0 DROP all -- any any anywhere 210.80.207.147
0 0 DROP all -- any any anywhere celta.telemar.com.br
0 0 DROP all -- any any anywhere 24-148-22-92.na.21stcentury.net
0 0 STOPOUT tcp -- any any anywhere anywhere tcp dpt:10008
0 0 STOPOUT tcp -- any any anywhere anywhere tcp dpt:65535
0 0 STOPOUT tcp -- any any anywhere anywhere tcp dpt:12345
0 0 STOPOUT tcp -- any any anywhere anywhere tcp dpt:asp
0 0 STOPOUT tcp -- any any anywhere anywhere tcp dpts:31335:31337
0 0 STOPOUT udp -- any any anywhere anywhere udp dpts:31335:31337
16 4477 DROP icmp -- any eth0 anywhere anywhere icmp destination-unreachable
0 0 ACCEPT icmp -- any eth1 anywhere anywhere icmp echo-reply
165 14950 ACCEPT icmp -- any any anywhere anywhere state NEW,RELATED,ESTABLISHED
49156 54M TRAFFIC all -- any any anywhere anywhere
Chain FLAGS (6 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- any any anywhere anywhere limit: avg 2/sec burst 5 LOG level info prefix `**BADFLAGS** '
0 0 DROP all -- any any anywhere anywhere
Chain SCAN (3 references)
pkts bytes target prot opt in out source destination
1 40 LOG all -- any any anywhere anywhere limit: avg 2/sec burst 5 LOG level info prefix `**PORTSCAN** '
1 40 DROP all -- any any anywhere anywhere
Chain STOPOUT (6 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- any any anywhere anywhere limit: avg 1/sec burst 5 LOG level info prefix `**TROJAN?** '
0 0 DROP all -- any any anywhere anywhere
Chain TRAFFIC (3 references)
pkts bytes target prot opt in out source destination
183K 64M ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
1182 238K ACCEPT all -- !eth0 any anywhere anywhere state NEW
221 52363 LOG all -- any any anywhere anywhere limit: avg 1/sec burst 5 LOG level info prefix `**PACKET DROP** '
222 52411 DROP all -- any any anywhere anywhere