Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Need help for iptables rules
Special Forums Cybersecurity Need help for iptables rules Post 302988734 by Thomas342 on Sunday 1st of January 2017 11:30:10 AM
Old 01-01-2017
Are you trying to harden your box for a reason? A lot of linux boxes have special apps to help you. What OS and version of it do you have?
uname -a will show that, so please post it.

No but you can't be too careful. And sometimes my laptop is connected to free WiFi.
I 've got two laptops: ubuntu and debian
1)Linux 4.4.0-57-generic #78-Ubuntu SMP Fri Dec 9 23:46:51 UTC 2016 i686 i686 i686 GNU/Linux
2)Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) x86_64 GNU/LINUX

My point is: you can break all kinds of services without knowing why. And if someone attacks a random port and there is no service behind it to respond, the attacks fails. So no need to block it. This is why attacks go for a lot of known ports. So known ports may require a minor tweak.
You mean I'do better to change default ports rather than block them?

Thanks.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

SED inserting iptables rules in while loop

I'm trying to insert multiple new lines of text into an iptables script using sed in a while loop. I'm not sure if this is the most effective way. Searching the forums has helped me come up with a good beginning but it's not 100%. I'd like it to search out a unique line in my current iptables file... (2 Replies)
Discussion started by: verbalicious
2 Replies

2. IP Networking

Iptables rules at boot

Hi I have small home network and I want to block some forums on web When I use this iptables -A INPUT -s forum -j DROP rules is applied but when I restart some of PC rules are not present any more also I tried to save firewall settings iptables-save > /root/dsl.fw but how to... (2 Replies)
Discussion started by: solaris_user
2 Replies

3. Cybersecurity

Editing rules on iptables

Hello, I was playing around with iptables to setup an isolated system. On a SLES10 system, I ran the below to setup my first draft of rules. I noticed that the rules come into effect immediately and do not require any restart of iptables. iptables -A INPUT -j ACCEPT iptables -A OUTPUT -m... (4 Replies)
Discussion started by: garric
4 Replies

4. Ubuntu

iptables rules (ubuntu)

Could someone help me with writing rules for iptables? I need a dos attacks protection for a game server. port type udp ports 27015:27030 interface: eth0 Accept all packets from all IPs Chek if IP sent more than 50 packets per second Drop all packets from this IP for 5 minutes I would be... (0 Replies)
Discussion started by: Greenice
0 Replies

5. Red Hat

Iptables/Firewall rules for multicast IP.

Hi Gurus, I need to add Multicast Port = xyz Multicast Address = 123.134.143 ( example) to my firewall rules. Can you please guide me with the lines I need to update my iptables files with. (0 Replies)
Discussion started by: rama krishna
0 Replies

6. Red Hat

iptables Rules for my network

Hi Champs i am new in Iptables and trying to write rules for my Samba server.I took some help from internet, created one script and run from rc.local : #Allow loopback iptables -I INPUT -i lo -j ACCEPT # Accept packets from Trusted network iptables -A INPUT -s my-network/subnet -j... (0 Replies)
Discussion started by: Vaibhav.T
0 Replies

7. UNIX for Advanced & Expert Users

Editing iptables rules with custom chain

Hello, I have iptables service running on my CentOS5 server. It has approx 50 rules right now. The problem I am facing now is as follows - I have to define a new chain in the filter table, say DOS_RULES & add all rules in this chain starting from index number 15 in the filter table. ... (1 Reply)
Discussion started by: BhushanPathak
1 Replies

8. Shell Programming and Scripting

Need to Convert the QNX rules to UNIX iptables

Need to convert the QNX rules to Linux ubuntu 12.04. kindly any one help us with any tools (4 Replies)
Discussion started by: mageshkumar
4 Replies

9. UNIX for Advanced & Expert Users

iptables help with rules

Hi, I've been struggling with this all morning and seem to have a blind spot on what the problem is. I'm trying to use iptables to block traffic on a little cluster of raspberry pi's but to allow ssh and ping traffic within it. The cluster has a firewall server with a wifi card connecting to... (4 Replies)
Discussion started by: steadyonabix
4 Replies

10. IP Networking

iptables - formatting icmp rules

Hi, I am relatively new to firewalls and netfilter. I have a Debian Stretch router box running dnsmasq, connected to a VPN. Occasionally dnsmasq polls all of the desired DNS servers to select the fastest. When it does this it responds to replies of the non-selected DNS servers with a icmp type... (0 Replies)
Discussion started by: CrazyDave
0 Replies

LEARN ABOUT NETBSD

rfc6056

RFC6056(7)					       BSD Miscellaneous Information Manual						RFC6056(7)

NAME

     rfc6056 -- port randomization algorithms

DESCRIPTION

     The rfc6056 algorithms are used in order to randomize the port allocation of outgoing UDP packets, in order to provide protection from a
     series of ``blind'' attacks based on the attacker's ability to guess the sequence of ephemeral ports associated with outgoing packets.  For
     more information consult RFC 6056.

     The individual algorithms are described below:

   The RFC 6056 algorithms
     The following algorithms are available:

     bsd	   This is the default NetBSD port selection algorithm, which starts from anonportmax and proceeds decreasingly through the avail-
		   able ephemeral ports.

     random_start  Select ports randomly from the available ephemeral ports.  In case a collision with a local port is detected, the algorithm
		   proceeds decreasingly through the sequence of ephemeral ports until a free port is found.  Note that the random port selection
		   algorithms are not guaranteed to find a free port.

     random_pick   Select ports randomly from the available ephemeral ports.  In case a collision with a local port is detected the algorithm
		   tries selecting a new port randomly until a free port is found.

     hash	   Select ports using a md5(3) hash of the local address, the foreign address, and the foreign port.  Note that in the case of a
		   bind(2) call some of this information might be unavailable and the port selection is delayed until the time of a connect(2)
		   call, performed either explicitly or up calling sendto(2).

     doublehash    Select ports using a md5(3) hash of the local address, foreign address, and foreign port coupled with a md5(3) hash of the same
		   components obtained using a separate table that is associated with a subset of all outgoing connections.  The same considera-
		   tions regarding late connection as in the case of hash apply.

     randinc	   Use random increments in order to select the next port.

SYSCTL CONTROLS

     The following sysctl controls are available for selecting the default port randomization algorithm:

     sysctl name			 Type	   Changeable
     net.inet.udp.rfc6056.available	 string    no
     net.inet.udp.rfc6056.selected	 string    yes
     net.inet6.udp6.rfc6056.available	 string    no
     net.inet6.udp6.rfc6056.selected	 string    yes

SOCKET OPTIONS

     The socket option UDP_RFC6056ALGO at the IPPROTO_UDP level can be used with a string argument specifying the algorithm's name in order to
     select the port randomization algorithm for a specific socket.  For more info see setsockopt(2).

SEE ALSO

     setsockopt(2), sysctl(3), sysctl(7)

HISTORY

     The rfc6056 algorithms first appeared in NetBSD 6.0.

BSD
								  August 25, 2011							       BSD
All times are GMT -4. The time now is 04:44 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy