NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FOCUS-Linux> 2004-q3

RE: iptables & tcp wrappers

From: Bowes, Ronald (EST) (RBowesgov.mb.ca)
Date: Mon Sep 27 2004 - 10:27:46 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There's a fantastic tutorial on iptables at
http://iptables-tutorial.frozentux.net/iptables-tutorial.html. I knew
absolutely nothing about iptables when I started reading it, and now I feel
comfortable doing anything with it. It really is amazingly powerful if you
understand it.

There is a section there about how to log to syslog, which can be retrieved
with dmesg.

Hope that helps!

Ron Bowes
Information Protection Centre
Government Of Manitoba

-----Original Message-----
From: Meatplow [mailto:gregmeatplow.com]
Sent: Friday, September 24, 2004 3:57 PM
To: focus-linuxsecurityfocus.com
Subject: iptables & tcp wrappers

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello.

I'm running RH Enterprise edition.

I'm relatively new to iptables. I am getting the common intrusion
attempts with some of the common uses of test/guest/root/ and a
couple others I've been able to add the IPs to the to iptables.,
but
I'd really like a log that tells me the info that I want to know.

My basic input command is this :
#iptables -A INPUT -p tcp -s PUT_IP_HERE -d 0/0 --syn -j DROP

iptables seem a little convoluted. Example. To delete a line -
supposedly give it a line and it will be deleted/modified. My
problem is even with #iptable -L -v there is no line number ?

My goal is to block all incoming ssh attempts except IP#.
This is where I got into hosts.allow/deny as mentioned below.

I've tried to find many different types of commands and it works to
some degree, but not the way I'd expect it to.

Any help would be appreciated. I'm not completely sure that I
understand iptables as well as I want/need to. I've also toyed
around with the hosts.allow/hosts.deny and have not been successful.

I know that there is a lot of info in here, and I'm tired. I'll
leave it at that

Thanks in advance for your time and help.

Meatplow
greg ta meatplow.com

Thanks again.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBQVSBsR42gIcyjrnjEQJIqwCfWAShp7r+J1XNNjQq6sbvvD03WZ8AoNrg
ctQ837g5pQDafgBhTTeeMr1V
=niWK
-----END PGP SIGNATURE-----

--
Fedora-config-list mailing list
Fedora-config-listredhat.com
http://www.redhat.com/mailman/listinfo/fedora-config-list

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]