This is a discussion on Re: securing single debian box against internet attacks within the Linux Security forums, part of the System Security and Security Related category.
If you have a 2.4 kernel then it is simple to block stuff and allow external
access by the internal machines. Here is my firewall-setup script. (I hate
using the built-in stuff; I use SuSE Linux.) As I also run servers I haven't
dropped all packets, and the first line that is hashed out, when unhashed,
will stop the box even responding to ping requests. Hope this helps, Mike.

# start the ip forwarding
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward

# setup masquerading: flush both tables, then NAT everything leaving eth1
iptables -F
iptables -t nat -F
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

# unhash this line to stop the box answering pings on the external interface
# iptables -A INPUT -p icmp -i eth1 -j DROP

# forward port 1412 to an internal machine; the target name and its
# --to-destination address were cut off in the original post, so these two
# lines are hashed out here until the destination is filled in
# iptables -A PREROUTING -t nat -p udp -d 212.19.66.163 --dport 1412 -j DN
# iptables -A PREROUTING -t nat -p tcp -d 212.19.66.163 --dport 1412 -j DN

# drop inbound TCP on eth1 to services that are not meant for the outside
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 37 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 113 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 79 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 111 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 135 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 139 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 143 -j DROP
# iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 443 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 445 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 515 -j DROP
iptables -A INPUT -p tcp -d 212.19.66.163 -i eth1 --dport 5000 -j DROP

"User" <qw@spamhole.com> wrote in message news:73c5dd76.0306230151.32f54ee2@posting.google.com...
> I am on broadband and I wish to secure my Debian box before putting it
> on the internet. I have a LinkSys G54 broadband router and 'firewall'
> but as a firewall it is limited (spoofed TCP ACK packets get by, etc.)
> Hence, I need to protect my desktop Debian box against attacks. It's
> used just as a simple desktop machine; it doesn't need to route or bridge
> or any of that. What is the easiest way to harden it against network
> attacks?
> I've read the firewall HOW-TO etc. but I was wondering if
> there is a more convenient way than having to recompile the kernel?
> For instance, is there a Debian package that would aid me?
>
> thanks
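The box in the question is a single desktop that does not route, which is a different case from Mike's NAT router script above, and the question's spoofed-ACK complaint is exactly what a stateful policy addresses. The following is an added example for this thread, not code posted by either participant: a default-deny INPUT policy for a 2.4 kernel with iptables and ip_conntrack, emitted in iptables-restore format. Instead of enumerating ports to block, it drops everything unsolicited and accepts only packets that belong to a connection this host started, plus whichever TCP ports are named on the command line. The interface name eth0, the port list, the rate limits and the log prefix are assumptions.

```sh
#!/bin/sh
# Stateful, default-deny INPUT policy for a single non-routing Debian desktop
# behind a broadband router (2.4 kernel, iptables with ip_conntrack).
# Added example for this thread, not the original poster's script.  The
# interface name (eth0), the port list and the log prefix are assumptions.
#
#   sh desktop-fw.sh                  print the ruleset only (dry run)
#   sh desktop-fw.sh eth0 22          print it with inbound ssh allowed
#   sh desktop-fw.sh apply eth0 22    load it (as root)

# build_rules WAN_IF [TCP_PORT ...]
# Print an iptables-restore ruleset: INPUT and FORWARD default to DROP,
# OUTPUT is open, and only the listed TCP ports may receive new connections.
build_rules() {
    wan_if=$1
    shift
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Loopback is local only; anything claiming 127/8 from the wire is forged.
    echo '-A INPUT -i lo -j ACCEPT'
    echo "-A INPUT -i $wan_if -s 127.0.0.0/8 -j DROP"
    # Replies to connections this host started (ip_conntrack tracks them).
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Packets conntrack cannot place, such as an ACK for a connection that
    # does not exist, are dropped before they reach a socket.
    echo '-A INPUT -m state --state INVALID -j DROP'
    # A new TCP connection must begin with SYN; ACK/FIN/NULL probes do not.
    echo '-A INPUT -p tcp ! --syn -m state --state NEW -j DROP'
    # Still answer ping, but rate-limited.
    echo "-A INPUT -i $wan_if -p icmp --icmp-type echo-request -m limit --limit 4/sec -j ACCEPT"
    # Only the services named on the command line accept new connections.
    for port in "$@"; do
        echo "-A INPUT -i $wan_if -p tcp --dport $port -m state --state NEW -j ACCEPT"
    done
    # Log what the policy drops, throttled so a port scan cannot flood syslog.
    echo '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "fw-drop: "'
    echo 'COMMIT'
}

# count_open_ports WAN_IF [TCP_PORT ...]
# Number of rules that accept NEW inbound TCP, i.e. the exposed surface;
# with no ports given it must be 0.
count_open_ports() {
    build_rules "$@" | grep -c -- '--state NEW -j ACCEPT' || true
}

# apply_rules WAN_IF [TCP_PORT ...]: load the policy atomically (root only).
apply_rules() {
    # On 2.4 the state match needs the ip_conntrack module.
    modprobe ip_conntrack 2>/dev/null || true
    # Kernel-side anti-spoofing: drop packets whose source address is not
    # routable back out of the interface they arrived on.
    echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
    # A desktop must never forward between interfaces.
    echo 0 > /proc/sys/net/ipv4/ip_forward
    build_rules "$@" | iptables-restore
}

case "${1:-}" in
    apply) shift; apply_rules "$@" ;;
    "")    build_rules eth0 ;;
    *)     build_rules "$@" ;;
esac
```

No kernel recompile is needed for this: install the iptables package with apt-get, and as long as the running kernel has netfilter and ip_conntrack available as modules (a stock Debian kernel-image does; a self-built kernel may not) the modprobe above is all the setup required. Loading the table through iptables-restore swaps the whole ruleset in one step, so there is no moment where the old rules have been flushed and the new ones are not yet in place, which a line-by-line script that starts with iptables -F cannot avoid. To have the policy up before the interface is, run the script from a pre-up line in /etc/network/interfaces.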