[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] IPChains question
- Subject: Re: [cobalt-security] IPChains question
- From: "Nico Meijer" <nico.meijer@xxxxxxxxx>
- Date: Thu, 12 Apr 2001 21:57:26 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Carrie,
> I've decided I'm tired of seeing all of these port 137 connections
> from idiots thinking I run a Linux box, and I just want to block
> anything from coming in to that port.
Yes, good call!
I'd recommend DENYing 137 thru 139; all Wintendo type of stuff:
"--destination-port 137:139"
> My question is, how do I stop ALL incoming packets on 137, not just
> from one IP?
Instead of "192.168.0.1" say "0/0". I believe this even blocks localhost.
I'm still searching for an update of my favorite ipchains script(s)
(langistix.com, anyone?). I have an older version I use on masquerading
machines, which I would of course be glad to send you off list if you like.
It's three great starter scripts, actually.
Good luck blocking... Nico