Full Discussion: Need help for iptables rules
Special Forums Cybersecurity Need help for iptables rules Post 302988743 by Peasant on Sunday 1st of January 2017 02:33:38 PM
Old 01-01-2017
With 'free wifi' most harmful stuff is not actually related to your firewall (unless you block everything, which makes no sense).

A person who owns that wifi network in one way or another can:

1. Use fake DNS and create fake pages for folks inside that network.
2. Sniff network traffic, especially unencrypted/poorly encrypted traffic, and analyze it and/or save it for later (perhaps even years, to brute force it later when he gets a new GPU)

A lot of other things for an imaginative mind.

Conclusion is if the for anything but casual surfing (no banking, no credentials input), unless you know for a fact that no such things exist in that network.
If using it, be sure to check the certificates of pages you are leaving credentials at, and use strong encryption.

Hope that helps
Regards
Peasant.
wifi-radar.conf(5)                File Formats Manual                wifi-radar.conf(5)

NAME
       wifi-radar.conf - configuration file for WiFi Radar

SYNOPSIS
       wifi-radar.conf

DESCRIPTION
       wifi-radar.conf is the configuration file for WiFi Radar (wifi-radar(1)), a
       PyGTK2 utility for managing WiFi profiles in GNU/Linux. The file is an
       ini-type format with three global sections: [DEFAULT], [DHCP], and [WPA].
       These are followed by zero or more profile sections.

       The settings contained in the configuration file can all be edited from
       within WiFi Radar, either through the Preferences button or the Edit
       button. But you are free to edit the configuration file manually if you
       like.

   Interpolated Strings
       It is possible to use configuration options in the value of other options.
       To use interpolated strings, surround any option from the configuration
       file with %( and )s. So, to use the interface option from the [DEFAULT]
       section in the value of any other option, use %(interface)s in the
       option's value.

   Global Settings
       [DEFAULT]
              General options.

              auto_profile_order
                     Comma-separated list of profiles, surrounded by square
                     brackets, specifying the order of profiles in the main
                     window. An example value:
                     ['test:00:00:00:00:00:00', 'WinterPalace:']
                     (default: [])

              commit_required
                     Set to True if iwconfig(8) commit should be used after each
                     iwconfig command. (default: False)

              ifconfig_command
                     Specify the path to ifconfig(8), the command to use when
                     manipulating the IP settings of the NIC.
                     (default: /sbin/ifconfig)

              ifup_required
                     Set to True if the NIC must be activated (i.e. ifconfig
                     wlan0 up) before scanning will work. (default: False)

              interface
                     Specifies the interface to scan. Set to the name of your
                     NIC (e.g. eth1 or wlan0). The special value 'auto_detect'
                     will use the first-found WiFi interface.
                     (default: auto_detect)

              iwconfig_command
                     Specify the path to iwconfig(8), the command to use when
                     trying to associate with a network.
                     (default: /sbin/iwconfig)

              iwlist_command
                     Specify the path to iwlist(8), the command to use for
                     scanning for access points. (default: /sbin/iwlist)

              logfile
                     Sets the location of the log file.
                     (default: /var/log/wifi-radar.log)

              loglevel
                     This sets the verbosity of messages sent to the logfile.
                     The number given here is a threshold value, only those
                     messages emitted by WiFi Radar which exceed loglevel will
                     be written to the logfile. The maximum (and default) value
                     of 50 means to only save the most critical messages and a
                     loglevel of 0 means to save all messages to the logfile.
                     (default: 50)

              route_command
                     Specify the path to route(8), the command to use to set up
                     network routing if DHCP is not used.
                     (default: /sbin/route)

              speak_command
                     Specify the path to the command to use to speak status
                     messages. This can be any program which takes a string on
                     the command line. (default: /usr/bin/say)

              speak_up
                     Set to True to use the speak command. (default: False)

              version
                     The version of WiFi Radar which created this configuration
                     file. This value is overwritten by WiFi Radar each time the
                     configuration file is saved.

       [DHCP]
              Options for the DHCP client used by WiFi Radar.

              args   The parameters to pass to the DHCP client when acquiring a
                     lease (i.e. setting up a connection).
                     (default: -D -o -i dhcp_client -t %(timeout)s)

              command
                     The command to use to automatically set up the IP
                     networking. This can be any DHCP client, like dhcpcd(8) or
                     dhclient(8), which forks into the background or exits when
                     it acquires an IP address or fails.
                     (default: /sbin/dhcpcd)

              kill_args
                     The parameters to pass to the DHCP client when
                     disconnecting from a network. (default: -k)

              pidfile
                     Specify where the DHCP client saves its state info. This
                     file is used if the standard DHCP disconnect does not work
                     and WiFi Radar must kill the client on its own.
                     (default: /etc/dhcpc/dhcpcd-%(interface)s.pid)

              timeout
                     The time (in seconds) to allow the DHCP client to try to
                     acquire a lease. If the DHCP client does not stop itself
                     after this length of time plus five seconds, WiFi Radar
                     will force the client to end. (default: 30)

       [WPA]
              Options for the WPA supplicant used by WiFi Radar.

              args   The parameters to pass to the WPA supplicant when
                     associating with the network.
                     (default: -B -i %(interface)s -c %(configuration)s
                     -D %(driver)s -P %(pidfile)s)

              command
                     Specify the command to use as the WPA supplicant.
                     (default: /usr/sbin/wpa_supplicant)

              configuration
                     The WPA supplicant's configuration file.
                     (default: /etc/wpa_supplicant.conf)

              driver The WPA supplicant driver to use. (default: wext)

              kill_command
                     The command to use to end the WPA supplicant. The default
                     is an empty value.

              pidfile
                     Specify where the WPA supplicant saves its state info.
                     (default: /var/run/wpa_supplicant.pid)

   Per-profile Settings
       Each profile header consists of the network name (a.k.a. ESSID), followed
       by a colon, and optionally followed by the network address (a.k.a.
       BSSID). The BSSID may be blank if the profile is a roaming profile. So a
       sample roaming profile section name could look like [WinterPalace:].

       available
              Used internally by WiFi Radar to indicate whether an access point
              is currently detected, it should always be False in the
              configuration file. (default: False)

       bssid  A copy of the BSSID in the section name, it is used to calculate
              the section name. The BSSID is the network address, it usually
              matches the AP address. It may be blank in a roaming profile.
              (default: 00:00:00:00:00:00)

       channel
              The channel to use to connect with the network. (default: auto)

       con_postscript
              The command to run after connecting to the network. The default
              is an empty value.

       con_prescript
              The command to run before connecting to the network. The default
              is an empty value.

       dis_postscript
              The command to run after disconnecting from the network. The
              default is an empty value.

       dis_prescript
              The command to run before disconnecting from the network. The
              default is an empty value.

       dns1   The primary DNS server. Part of the static configuration to use
              when not using DHCP. The default is an empty value.

       dns2   The secondary DNS server. Part of the static configuration to use
              when not using DHCP. The default is an empty value.

       domain The domain (e.g. winterpalace.org) of the network. Part of the
              static configuration to use when not using DHCP. The default is
              an empty value.

       encrypted
              Whether the network is encrypted. The value for this option is
              determined by scanning and will be overwritten if changed
              manually in the configuration file. (default: False)

       essid  The network name. This is a copy of the ESSID in the section name
              and is used to calculate the section name. The default is an
              empty value.

       gateway
              The IP address of the gateway to other networks. Part of the
              static configuration to use when not using DHCP. The default is
              an empty value.

       ip     The fixed IP address to use on this network. Part of the static
              configuration to use when not using DHCP. The default is an empty
              value.

       key    The WEP encryption key. This is not used with WPA. The default is
              an empty value.

       known  This is used internally by WiFi Radar to indicate whether an
              access point has a configured profile, it should always be True
              in the configuration file. (default: True)

       mode   This is the association mode to use. This is not the same as the
              mode reported by the AP. In fact, this should be a reflection of
              the AP mode (i.e. Master mode AP should be Managed mode here).
              (default: auto)

       netmask
              The netmask (e.g. 192.168.1.0/255) to use. Part of the static
              configuration to use when not using DHCP. The default is an empty
              value.

       protocol
              The WiFi protocol used by the access point (AP). This is only
              used as a place to store the protocol read from the AP. This will
              be overwritten the next time the AP is scanned. (default: g)

       roaming
              Set to True if this is a roaming profile. (default: False)

       security
              This should/will be the security mode (i.e. open or restricted),
              but as it currently causes crashes, it is not used. The default
              is an empty value.

       signal The signal level read from the access point (AP). This is used
              internally by WiFi Radar, the value will be overwritten each time
              the configuration file is saved. (default: 0)

       use_dhcp
              When set to True, WiFi Radar will ask the DHCP client to
              configure the IP settings. (default: True)

       use_wpa
              When set to True, WiFi Radar will ask the WPA supplicant to
              handle associating with the access point. (default: False)

       wpa_driver
              The card driver the WPA supplicant should use. The default is an
              empty value.

EXAMPLE
       [DEFAULT]
       auto_profile_order = ['test:00:00:00:00:00:00', 'WinterPalace:']
       commit_required = False
       ifconfig_command = /sbin/ifconfig
       ifup_required = True
       interface = auto_detect
       iwconfig_command = /sbin/iwconfig
       iwlist_command = /sbin/iwlist
       logfile = /var/log/wifi-radar.log
       loglevel = 50
       route_command = /sbin/route
       speak_command = /usr/bin/say
       speak_up = False
       version = 2.0.s02

       [DHCP]
       args = -D -o -i dhcp_client -t %(timeout)s
       command = /sbin/dhcpcd
       kill_args = -k
       pidfile = /etc/dhcpc/dhcpcd-%(interface)s.pid
       timeout = 30

       [WPA]
       args = -B -i %(interface)s -c %(configuration)s -D %(driver)s -P %(pidfile)s
       command = /usr/sbin/wpa_supplicant
       configuration = /etc/wpa_supplicant.conf
       driver = wext
       kill_command =
       pidfile = /var/run/wpa_supplicant.pid

       [test:00:00:00:00:00:00]
       available = False
       bssid = 00:00:00:00:00:00
       channel = auto
       con_postscript =
       con_prescript =
       dis_postscript =
       dis_prescript =
       dns1 =
       dns2 =
       domain =
       encrypted = False
       essid = test
       gateway =
       ip =
       key =
       known = True
       mode = auto
       netmask =
       protocol = g
       roaming = False
       security =
       signal = 0
       use_dhcp = True
       use_wpa = False
       wpa_driver =

       [WinterPalace:]
       available = False
       bssid =
       channel = auto
       con_postscript =
       con_prescript =
       dis_postscript =
       dis_prescript =
       dns1 =
       dns2 =
       domain =
       encrypted = True
       essid = WinterPalace
       gateway =
       ip =
       key = 123456789ABCDEF
       known = True
       mode = auto
       netmask =
       protocol = g
       roaming = True
       security =
       signal = 0
       use_dhcp = True
       use_wpa = False
       wpa_driver =

FILES
       /etc/wifi-radar/wifi-radar.conf

BUGS
       Probably lots!

SEE ALSO
       wifi-radar(1) wpa_supplicant.conf(5)

WiFi Radar 2.0                         July 2009                     wifi-radar.conf(5)
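
The file format described above can be read with Python's configparser, whose default interpolation uses the same %(option)s syntax. The following is an added example, not part of the man page or of WiFi Radar: it parses a constructed sample and lists profile settings a reviewer would want to look at (open networks, encryption without WPA, a stored WEP key, a header with no BSSID, connect/disconnect hook commands). The function names, the finding texts and the con_prescript path are assumptions made for the example.

```python
import configparser
# Constructed sample in the wifi-radar.conf format; the hook path is hypothetical.
SAMPLE = """\
[DEFAULT]
interface = wlan0
[DHCP]
args = -D -o -i dhcp_client -t %(timeout)s
pidfile = /etc/dhcpc/dhcpcd-%(interface)s.pid
timeout = 30
[test:00:00:00:00:00:00]
encrypted = False
key =
[WinterPalace:]
encrypted = True
key = 123456789ABCDEF
use_wpa = False
con_prescript = /usr/local/bin/vpn-up %(interface)s
"""

GLOBAL_SECTIONS = {"DHCP", "WPA"}      # [DEFAULT] is handled by configparser itself
HOOKS = ("con_prescript", "con_postscript", "dis_prescript", "dis_postscript")

def load(text):
    cp = configparser.ConfigParser()   # BasicInterpolation expands %(option)s
    cp.read_string(text)
    return cp

def audit(cp):
    """Return (essid, finding) pairs for profile settings worth reviewing."""
    findings = []
    for name in cp.sections():         # sections() never lists DEFAULT
        if name in GLOBAL_SECTIONS:
            continue
        essid, _, bssid = name.partition(":")   # profile header is ESSID:BSSID
        prof = cp[name]
        if not prof.getboolean("encrypted", fallback=False):
            findings.append((essid, "network is not encrypted"))
        elif not prof.getboolean("use_wpa", fallback=False):
            findings.append((essid, "encrypted without WPA (use_wpa = False)"))
        if prof.get("key", fallback=""):
            findings.append((essid, "WEP key stored in cleartext"))
        if not bssid:
            findings.append((essid, "no BSSID in profile header (roaming profile)"))
        for hook in HOOKS:
            if prof.get(hook, fallback=""):
                findings.append((essid, f"{hook} runs: {prof.get(hook)}"))
    return findings

if __name__ == "__main__":
    print(*audit(load(SAMPLE)), sep="\n")
```

Because the file can hold a cleartext key and commands that are executed on connect, its ownership and permissions are worth checking alongside its contents.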