[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] ipchains adding to rc.local

Subject: Re: [cobalt-security] ipchains adding to rc.local
From: "Nico Meijer" <nico.meijer@xxxxxxxxx>
Date: Wed, 25 Jul 2001 22:29:44 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Robbert,

> Then IN the file servercommands I add the following lines:
>
> /sbin/ipchains -I input -s 203.232.240.215 -j DENY -l
> /sbin/ipchains -I input -s 63.25.226.171 -j DENY -l
>
> and so on.....
>
> Am I correct doing it this way ?

Technically, yes. I wouldn't advice you on doing that, personally.

IMHO, it's better to create a *complete* firewall script as (for instance)
/etc/rc.d/rc.firewall and call that from rc.local.
There has been a lot of discussion on ipchains recently, so if you've got
the time: read up. Check the firewall and ipchains howto's aswell.

Any questions: ask. A lot of people on this list seem to have their way with
ipchains, so there's lots to learn. You're getting to the good stuff now.
;-)

Take care... Nico

Follow-Ups:
- Re: [cobalt-security] ipchains adding to rc.local
  - From: R. Hamburg

References:
- Re: [cobalt-security] Port 80 and Roadrunner
  - From: David Lucas
- Re: [cobalt-security] Port 80 and Roadrunner
  - From: Steve Werby
- Re: [cobalt-security] Port 80 and Roadrunner - SMTP relaying shenanigans
  - From: Kevin D
- Re: [cobalt-security] ipchains adding to rc.local
  - From: R. Hamburg

Prev by Date: [cobalt-security] Fw: [UNIX] PHP Safe_mode Security Flaws
Next by Date: [cobalt-security] ipchains adding to rc.local
Previous by thread: Re: [cobalt-security] ipchains adding to rc.local
Next by thread: Re: [cobalt-security] ipchains adding to rc.local

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index