You could add the following in your firewall rule set.
[EMAIL PROTECTED] root]# iptables -A FORWARD -p tcp --sport 137:139 -j DROP
[EMAIL PROTECTED] root]# iptables -A FORWARD -p udp --sport 137:139 -j DROP
For your information only. God bless.
Have a nice day!
Al
--------------||-+------)(-+------------------
Alberto D. Maclang, CCNA
Senior Network Engineer
NSG Philippines, Inc.
Tel: +6349-5412730 to 32 loc 230
--------------)(+----------||+---------------
"Fritz Mesedilla"
<[EMAIL PROTECTED] To: "Philippine Linux Users Group
Mailing List"
media.com> <[EMAIL PROTECTED]>
Sent by: cc:
[EMAIL PROTECTED] Subject: [plug] windows farm and
iptables
x.com
10/24/2003 02:50 PM
Please respond to
Philippine Linux Users
Group Mailing List
Help ulit friends!
I want to secure a windows server farm in our network.
windows farm (exchange and domain controller) --- linux iptables ---
internet
For exchange, what ports do I need to open to the internet? And how do I
proceed?
For the domain controller, what ports do I need to open?
Is opening DNS port 53 enough for the dc to work properly?
Thanks.
fritz <www.mesedilla.com>
---
+ Basta Ikaw Lord
----------------------------------------------------------------------
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender immediately by e-mail and delete this e-mail from your
system. Please note that any views or opinions presented in this
email are solely those of the author and do not necessarily represent
those of the company. Finally, the recipient should check this email
and any attachments for the presence of viruses. The company accepts
no liability for any damage caused by any virus transmitted by this
email.
Overture Media, Inc.
Direct Line: (632) 635-4785
Trunkline: (632) 631-8971 Local 146
Fax: (632) 637-2206
Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave.,
Quezon City 1100
--
Philippine Linux Users' Group (PLUG) Mailing List
[EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
.
To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
.
Are you a Linux newbie? To join the newbie list, go to
http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
--
Philippine Linux Users' Group (PLUG) Mailing List
[EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
.
To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
.
Are you a Linux newbie? To join the newbie list, go to
http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
