[Techtalk] How to block ports

Vonda vtrucs at gmail.com
Sat May 17 15:05:10 UTC 2008



kp wrote:
> For ip tables check this link
> http://www.justlinux.com/nhf/Security/IPtables_Basics.html
>
> if you want to allow particular ip addresses, you can edit 
> /etc/hosts.allow and /etc/hosts.deny files.
>
>
> kp
>
>   


Thanks for that useful link.  I got two-thirds through it before my head 
started to hurt - a new record, I think.  Far enough that it looks like 
I'll be able deny, er, drop, all those 202 addresses, plus the one on my 
own lan that firestarter says keeps trying to sneak on. 


I'm using hostdeny/allow in paranoid mode, with just my two other 
networked office machines allowed access, but I understand iptables is 
more effective.  I'm -really-  paranoid.


Definitely going to have to hunt up that networking cookbook, though.  
I'd really like to know who on our lan keeps trying to sneak onto my 
office linux computer.


Vonda


> Carla Schroder wrote:
>   
>> On Friday 16 May 2008 2:29:07 pm Vonda wrote:
>>   
>>     
>>> Hello, Carla,
>>>
>>>
>>> Ruh-roh - now my eqo hurts.   That looks just like my netstat output 
>>> (not actual addresses) .  Good catch!
>>>
>>>
>>> Vonda
>>>     
>>>       
>> Heh, no worries. It's always better to ask, it's not like we're born knowing 
>> this guff.
>>
>> On a bit of a tangent, but perhaps still useful, man iptables is totally 
>> unhelpful for learning iptables. Even so, iptables basics aren't that hard to 
>> figure out, if you ever decide you want to dig into it. The key is ignoring 
>> the whizbang gurus who like to spend their days writing overcomplicated rules 
>> for every last little thing, and just concentrate on the fundamentals. Oskar 
>> Andreasson's tutorial is good
>> http://iptables-tutorial.frozentux.net/
>>
>> And of course I modestly recommend my own Linux Networking Cookbook, which has 
>> a fabulous chapter devoted to iptables firewalls. 
>>
>> For simple needs, Firestarter is great. It's what I recommend for folks who 
>> want something basic and easy, and works right.
>>
>> Carla
>>
>>   
>>     
>
> _______________________________________________
> Techtalk mailing list
> Techtalk at linuxchix.org
> http://mailman.linuxchix.org/mailman/listinfo/techtalk
>
>   


More information about the Techtalk mailing list