[Techtalk] Help with iptables configuration
Tammy Cravit
tammy.lists at warmfuzzy.com
Mon Aug 18 08:52:41 EST 2003
Hamster wrote:
>The webpage with the iptables script, is it possible for you to republish
>that, but with line numbers?
>
Duh...I should have thought of that. The file has been updated. :-)
>rule set without knowing anything about the network/computer its trying to
>protect! If you can give some info about the duties of the machine its on
>and the type of computers its trying to protect, that would help.
>
OK, let's see...the machine is a Red Hat 7.2 (I'm trying to get the
hosting provider to upgrade it) server hosted by Rackspace. uname -a
reports the following:
Linux XXX.XXX.com 2.4.18-SGI_XFS_1.1 #1 Wed Apr 17 09:20:17 CDT 2002
i686 unknown
The machine is providing the following services to the Internet at large:
- Apache (HTTP and HTTPS)
- Apache Tomcat running on port 8080 to run one (so far) custom servlet
- Outgoing SMTP for a variety of subscription-based email services
- POP3 (though I'm trying to find out if the client really needs that)
- NTP (ditto)
What I'm trying to accomplish with the iptables stuff is not turning it
into a firewall to protect other systems, but just hardening it as much
as is practical against people pounding on the box. So, any suggestions
based on that would be greatly appreciated. Also, I noticed something
in line 124 of the config got garbled; I'll try to fix that.
Thanks for the help!
Tammy
--
Tammy Cravit, tammy at warmfuzzy.com <mailto:tammy at warmfuzzy.com> | "Courage is the price that life
http://www.warmfuzzy.com/ | exacts for granting peace."
http://www.warmfuzzy.com/blog/ | - Amelia Earhart
More information about the Techtalk
mailing list