[prev in list] [next in list] [prev in thread] [next in thread] 

List:       security-basics
Subject:    Re: ipchains help
From:       catalyst <catalyst () salon ! ru>
Date:       2002-09-23 8:42:03
[Download RAW message or body]

On Fri, 20 Sep 2002, Nikolai wrote:
> I have setup the following rules for my ipchains:
> 
> :input ACCEPT
> :forward DENY
> :output ACCEPT
> 
> -A input -j DENY -p all -l -s 127.0.0.0/8 -i eth0 -d 0.0.0.0/0
> -A input -i eth0 -s 0/0 -d 0/0 -p tcp -y -j DENY -l

As you may see, the protocol you have DENY is "-p tcp" (at the second line).
You may add fully identical row at the end except proto=ICMP, like this:

-A input -i eth0 -s 0/0 -d 0/0 -p ICMP -j DENY -l    or:
-A input -i eth0 -s 0/0 -d 0/0 8 -p ICMP -j DENY -l 

Good luck!


> 
> I did an online-based scan at scan.sygate.com and everything appears to
> be 'blocked' except ICMP service on port 8.
> 
> Can someone please help me with how to close this hole as well?
> 
> Some background:
> my kernel is 2.4.18 (with Mandrake 8.2)
> I'm new to Linux/GNU in general and security in particular.
> 
> Thanks
> Nikolai
-- 


[prev in list] [next in list] [prev in thread] [next in thread]