[Techtalk] moving to iptables
rocketgirl
wendy.mores at laposte.net
Mon Aug 11 21:42:39 EST 2003
Hamster wrote:
>This is highly presumptuous of me to say, given that I know nothing of
>your setup and what you want to achieve with iptables, but instead of slowly
>closing ports off, have you considered changing the default policy on all
>your tables to DROP and then just opening (-j ACCEPT) individual ports as
>you need them?
>
>
Not presumptuous at all...because I haven't got this down yet. I've got
the iptables with default policy DROP on everything and then I just
opened the ports that I needed as far as the firewall goes...which at
the moment means that internet and the network printer work. I've got
ssh on local network only. If I understand correctly...then for added
security I need to go through and edit configuration files of the
services that have opened ports...either regulating access in these
files or in the firewall. I've been following the instructions in the
Linuxchix security lessons. The work server has practically nothing on
it, but I've got an experiment box at home where I've installed every
type of server, service you name it. When I do nmap on my machine, it
is a royal roll out. I'm trying to get a global understanding of all
these services at the moment. The only correctly functioning service (or
so it seems to be...) is the DNS server. Fetchmail is fetching
something but I don't know what it does with it and sendmail is running
but hasn't done anything useful yet. Configuration is all wrong and I'm
still poring over the tutorials. There are services that I had no idea
existed and must have forgotten that I installed them. Actually, I
think the smart thing to do might be to deactivate all these services
till I get a grip on them one by one.
Wendy
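The default-DROP layout Hamster suggests and Wendy describes (everything closed, then individual ports opened, with ssh limited to the local network), written out as a small script. This is an added example, not code from the original thread or from the Linuxchix lessons; the LAN address range and the printer address are assumptions, and by default the script only prints the iptables commands it would run so it can be reviewed before being loaded as root with APPLY=1.

```shell
#!/bin/sh
# Added example, not from the original thread: a default-DROP iptables
# ruleset that opens only what is needed. LAN_NET and PRINTER_IP are
# assumed values; change them for your own network.
# Dry run by default (prints the commands). Run as root with APPLY=1
# to actually load the rules.

LAN_NET="${LAN_NET:-192.168.1.0/24}"      # assumed local network
PRINTER_IP="${PRINTER_IP:-192.168.1.50}"  # assumed network printer
IPT="${IPT:-iptables}"

# ipt: print the command in dry-run mode, or execute it when APPLY=1.
ipt() {
    if [ "${APPLY:-0}" = "1" ]; then
        "$IPT" "$@"
    else
        echo "$IPT $*"
    fi
}

build_rules() {
    # Start from a clean slate, then close everything by default.
    ipt -F
    ipt -X
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT DROP

    # Loopback: many local services (DNS resolver, sendmail, CUPS) talk to
    # themselves over lo, so it has to be open or they silently break.
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A OUTPUT -o lo -j ACCEPT

    # Let the machine start outbound connections (web, fetchmail, DNS
    # lookups, printing to PRINTER_IP) and accept only the replies to them.
    # No inbound port is opened by these two rules.
    ipt -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    ipt -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT

    # ssh: new connections accepted from the local network only.
    # Anything else hitting port 22 falls through to the DROP policy.
    ipt -A INPUT -p tcp -s "$LAN_NET" --dport 22 -m state --state NEW -j ACCEPT

    # Log what is about to be dropped (rate limited) so a port scan such as
    # an nmap run shows up in the system log instead of vanishing quietly.
    ipt -A INPUT -m limit --limit 5/min -j LOG --log-prefix "IPT-DROP: "
}

build_rules
```

Running the script without APPLY=1 shows every rule that would be loaded; the useful check is that the only `--dport` that appears is 22, and only with `-s` set to the LAN. Services such as the DNS server or sendmail stay unreachable from outside until a matching ACCEPT line is added on purpose, which matches the "deactivate them until you understand them one by one" approach from the post: with this policy, an unneeded daemon that is still running is at least not reachable from the network.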