[plug] Lock the box
Mike Holland
myk at golden.wattle.id.au
Fri Nov 5 14:36:46 WST 1999
On Fri, 5 Nov 1999, Brad Campbell wrote:
> I pretty much want to deny all incomming connections to the box.
This will stop all incoming connections. If you use ftp,
you may need an extra rule to allow it.
# Reject SYN packets from modem. (asking to establish a connection)
ipchains -A input -j REJECT -i ppp+ -y -p tcp -l
> I have commented out all the unused items in inetd.conf and
Ipchains is a better way - lower level, and lets you keeps services
open for the local LAN.
> probably the easy way to do it, is block incomming from ppp0 ?
Just dont block all incoming packets!
> I'm in the process of reading all the man pages and howto's I can
> get my hands on, but I don't really want to experiment too much
> as I'm using this as a samba server for some windows boxes and they
Definitely use ipchains. You dont want SMB services going to the net!
ciao,
Mike Holland <mike at golden.wattle.id.au> Perth, Australia.
--==--
A banker is a fellow who lends you his umbrella when the sun is shining
and wants it back the minute it begins to rain.
-- Mark Twain
More information about the plug
mailing list