Robert Spangler on 3 Feb 2012 21:28:48 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Quick& dirty IP blocking

On Friday 03 February 2012 15:26, the following was written:

Coming a little late to the party but..........

>> iptables -A INPUT -s -j DROP
>  OK, I have to admit I haven't played with iptables in a long time, and
>  it and distros change.  Having said that, are you sure?  

Yeah, this would stop incoming packets from 192.168.192.*.  But as said one 
should use an 'I' instead of the 'A' so the rule is the first one.  Also 
should be noted that this rule would only work on the server or the device it 
was meant to protect.  If you have a router/firewall before the server then 
you would want to place the rule there and on the FORWARD rule set not the 
INPUT rule set.

>  I thought there  would be some defaults you'd need to make sure you don't
>  run afoul of. >  Like a default allow a couple of things the a "deny all". 
>  So if you don't allow all the right things before you turn it on...

You should always start off with a firewall that blocking everything and then 
open ports you require as needed.

I prefer IPTABLES over this blackhole due to the fact that I could stop 
attacks before they reach the system not after.



The adventure of a lifetime.

Linux User #296285
Get Counted
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --