Robert Spangler on 3 Feb 2012 21:28:48 -0800
Re: [PLUG] Quick& dirty IP blocking
On Friday 03 February 2012 15:26, the following was written:

Coming a little late to the party but..........

>> iptables -A INPUT -s 192.168.192.0/24 -j DROP
>
> OK, I have to admit I haven't played with iptables in a long time, and
> it and distros change. Having said that, are you sure?

Yeah, this would stop incoming packets from 192.168.192.*. But as said one should use an 'I' instead of the 'A' so the rule is the first one. Also should be noted that this rule would only work on the server or the device it was meant to protect. If you have a router/firewall before the server then you would want to place the rule there and on the FORWARD rule set not the INPUT rule set.

> I thought there would be some defaults you'd need to make sure you don't
> run afoul of.
> Like a default allow a couple of things the a "deny all".
> So if you don't allow all the right things before you turn it on...

You should always start off with a firewall that is blocking everything and then open ports you require as needed.

I prefer IPTABLES over this blackhole due to the fact that I could stop attacks before they reach the system not after.

--
Regards
Robert

Linux
The adventure of a lifetime.

Linux User #296285
Get Counted http://linuxcounter.net/
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
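
The points made in the reply above (insert with `-I` rather than append with `-A`, INPUT on the host versus FORWARD on a router in front of it, and a default-deny baseline with the needed ports opened first), as an added example that is not part of the original message. It assumes SSH on tcp/22 is the only service to allow; the function names and the `APPLY` variable are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original message. Dry run by default: each
# iptables command is printed. Run as root with APPLY=1 to execute them.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Baseline for a host: allow what is needed first, set the DROP policy last,
# so an admin connected over SSH is not cut off halfway through.
# Assumption: SSH on tcp/22 is the only service to expose.
default_deny_host() {
    run iptables -A INPUT -i lo -j ACCEPT
    run iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    run iptables -P INPUT DROP
}

# block_source ROLE CIDR
#   ROLE=host   -> INPUT chain (traffic addressed to this machine)
#   ROLE=router -> FORWARD chain (traffic routed through to a server behind it)
# -I CHAIN 1 puts the DROP at position 1, ahead of every ACCEPT rule; an
# appended (-A) DROP would sit after the tcp/22 ACCEPT and never match SSH.
block_source() {
    case "$1" in
        host)   chain=INPUT ;;
        router) chain=FORWARD ;;
        *) echo "usage: block_source host|router CIDR" >&2; return 2 ;;
    esac
    case "$2" in
        ''|*[!0-9./]*) echo "bad IPv4 source: $2" >&2; return 2 ;;
    esac
    run iptables -I "$chain" 1 -s "$2" -j DROP
}

# Demo with the subnet from the thread.
default_deny_host
block_source host 192.168.192.0/24
block_source router 192.168.192.0/24
```

After applying, `iptables -L INPUT -n --line-numbers` shows whether the DROP really sits at position 1.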