2008/12/12 doby nurcahyo <[email protected]>:
> All,
>
> Straight to the point: which port scanner blocking packages are there on
> openSUSE that can simply be installed with rpm / zypper?
>
I once tried psad (please google it). It looks like nobody has packaged it for openSUSE yet; want to contribute by packaging it on OBS? :-)

I don't like psad that much because it seems like overkill, IMHO. Besides, if we put a machine on a public IP, only the ports that actually have a service behind them are opened. The ones that aren't needed are closed. A few additions to iptables/SuSEfirewall are enough, for example:

# SYN packet
iptables -A INPUT -i eth0 -p tcp ! --syn -m state --state NEW -m limit --limit 5/m --limit-burst 7 -j LOG --log-level 4 --log-prefix "Drop Syn"
iptables -A INPUT -i eth0 -p tcp ! --syn -m state --state NEW -j DROP

# Fragments packet
iptables -A INPUT -i eth0 -f -m limit --limit 5/m --limit-burst 7 -j LOG --log-level 4 --log-prefix "Fragments Packets"
iptables -A INPUT -i eth0 -f -j DROP

# some crazy packets
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL ALL -j DROP

iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL NONE -m limit --limit 5/m --limit-burst 7 -j LOG --log-level 4 --log-prefix "NULL Packets"
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL NONE -j DROP # NULL packets

iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags FIN,ACK FIN -m limit --limit 5/m --limit-burst 7 -j LOG --log-level 4 --log-prefix "Fin Packets Scan"
iptables -A INPUT -i eth0 -p tcp --tcp-flags FIN,ACK FIN -j DROP # FIN packet scans
iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP

Just my personal thought; if anyone else wants to add something, please share.

Regards,
medwinz

--
Jay Leno - "The reason there are two senators for each state is so that one can be the designated driver."
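Added example, not part of the original message: a small shell function that summarises the kernel log entries written by the four LOG rules above, per log prefix and source address. The function names, the host name `fw` and the abridged sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: count hits from the LOG rules above, per log prefix and source IP.

# Constructed, abridged kernel log lines (addresses from documentation ranges).
# LOG adds no space after the prefix, so "NULL Packets" is followed directly by "IN=".
sample_log() {
cat <<'EOF'
Dec 12 10:00:01 fw kernel: NULL PacketsIN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=40 TTL=52 ID=1 PROTO=TCP SPT=40000 DPT=22 WINDOW=1024 RES=0x00 URGP=0
Dec 12 10:00:02 fw kernel: NULL PacketsIN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=40 TTL=52 ID=2 PROTO=TCP SPT=40000 DPT=25 WINDOW=1024 RES=0x00 URGP=0
Dec 12 10:00:03 fw kernel: NULL PacketsIN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=40 TTL=52 ID=3 PROTO=TCP SPT=40000 DPT=80 WINDOW=1024 RES=0x00 URGP=0
Dec 12 10:00:09 fw kernel: Fin Packets ScanIN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=40 TTL=52 ID=4 PROTO=TCP SPT=40001 DPT=22 WINDOW=1024 RES=0x00 FIN URGP=0
Dec 12 10:01:30 fw kernel: Drop SynIN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=40 TTL=49 ID=5 PROTO=TCP SPT=51000 DPT=443 WINDOW=512 RES=0x00 ACK URGP=0
Dec 12 10:01:31 fw kernel: Fragments PacketsIN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TTL=49 ID=6 FRAG:185 PROTO=UDP
Dec 12 10:02:00 fw sshd[2211]: Accepted publickey for admin from 198.51.100.20 port 50122 ssh2
EOF
}

# Reads syslog text from the files given as arguments, or from stdin.
# Prints "count<TAB>prefix<TAB>source" lines, highest count first.
summarise_scan_log() {
    awk '
    BEGIN { n = split("Drop Syn|Fragments Packets|NULL Packets|Fin Packets Scan", prefixes, "|") }
    {
        for (i = 1; i <= n; i++) {
            # Accept the prefix with or without a trailing space before IN=.
            if ($0 !~ (prefixes[i] " ?IN=")) continue
            src = "unknown"
            for (f = 1; f <= NF; f++)
                if ($f ~ /^SRC=/) src = substr($f, 5)
            count[prefixes[i] "\t" src]++
            break
        }
    }
    END { for (k in count) printf "%d\t%s\n", count[k], k }
    ' "$@" | LC_ALL=C sort -t "$(printf '\t')" -k1,1nr -k2
}

# Stand-alone run on the constructed sample.
sample_log | summarise_scan_log
```

Because the LOG rules are limited to 5 per minute with a burst of 7, the counts are a lower bound, and the DROP rules that have no LOG rule in front of them leave no log entry at all.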
