On Sun, 2003-03-02 at 15:25, Michelle A. Hoyle wrote:
> I'd worked myself up a nice set of ipchains rules for the RaQ4 over
> the years that disallowed various kinds of services I wasn't running
> (stupid ASP server for one), but I'm having trouble coming up with a
> similar set for IPTables. There doesn't seem to be as much good
> documentation how-to's for IPTables as for ipchains. Does someone
> have a basic set of IPTable rules they'd be willing to share for a
> RaQ550?
>

Why not use gShield? The default policy is to drop everything except maybe ident. You just enable the services you need using a very well documented set of configuration files. You can add the odd custom rule yourself as well.

The only place I have had trouble is that the default policy is to log the drop events for hosts you place in the blacklist; dropping hundreds of packets a second from a rogue site will overwhelm the RaQ with logging activity.

You can do an sh -x on the gShield rc file to see all the rules generated if you want to sanity check the thing.

http://muse.linuxmafia.org/gshield.html

Eric

> Thanks!
>
> Michelle
> _______________________________________________
> cobalt-security mailing list
> [EMAIL PROTECTED]
> http://list.cobalt.com/mailman/listinfo/cobalt-security
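
The logging overload described in the reply above can be avoided by rate-limiting the LOG rule while still dropping every packet. The following is an added example, not part of the original post and not gShield's generated rules: a shell function that prints a default-drop ruleset in iptables-restore format. The ports, the addresses (from the 192.0.2.0/24 documentation range) and the chain name BL_DROP are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: emits an iptables-restore ruleset on stdout; it changes nothing itself.
# Ports and addresses are constructed sample values, BL_DROP is a hypothetical chain name.

ALLOWED_TCP_PORTS="22 25 80 443"
BLACKLIST="192.0.2.10 192.0.2.77"

gen_rules() {
    # $1 = space-separated TCP ports to accept
    # $2 = space-separated blacklisted source addresses
    echo "*filter"
    echo ":INPUT DROP [0:0]"      # default policy: drop anything not accepted below
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo ":BL_DROP - [0:0]"       # one shared chain for all blacklisted sources

    # Log at most 5 blacklist hits per minute. Packets over the limit skip
    # the LOG rule but still reach the unconditional DROP that follows.
    echo "-A BL_DROP -m limit --limit 5/min --limit-burst 5 -j LOG --log-prefix \"BLACKLIST: \""
    echo "-A BL_DROP -j DROP"

    echo "-A INPUT -i lo -j ACCEPT"
    for host in $2; do
        echo "-A INPUT -s $host -j BL_DROP"
    done
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for port in $1; do
        echo "-A INPUT -p tcp --dport $port -m state --state NEW -j ACCEPT"
    done
    echo "COMMIT"
}

gen_rules "$ALLOWED_TCP_PORTS" "$BLACKLIST"
```

The output can be reviewed by eye and then loaded with `iptables-restore`; because all blacklisted hosts share one rate-limited LOG rule, log volume stays bounded no matter how many sources are listed.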
