On Tue, 10 Nov 2009 18:06:50 +1000, "Rick Phillips" <[email protected]>
said:
> I am not very good at IPTables and was seeking opinions as to whether
> this formula would work to fully block a connection from computer A to B
> but allow ssh and web only from B to A.  The tables would reside on A.

In addition to rate limiting, DNS, NTP (which others have mentioned),
you should also consider protecting against route spoofing and RFC1918
addresses (192.168, etc).

You can write all the iptables rules yourself, or better, use something
like Shorewall http://www.shorewall.net/

Sonia.

-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
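
The points raised in the reply above (rate limiting, RFC1918 source filtering, route spoofing), as an added example that is not part of the original message and is not Shorewall output. B's address (203.0.113.10, a documentation address), the interface name eth0, and "web" meaning TCP 80 and 443 are assumptions; reading "route spoofing" as reverse-path filtering plus refusing source-routed packets is also an interpretation.

```shell
#!/bin/sh
# Added example: generate an iptables-restore ruleset for host A.
# B's address, the interface name and the ports are assumptions.
# Dry run: gen_rules 203.0.113.10 eth0 | iptables-restore --test

# True if $1 lies in 10/8, 172.16/12 or 192.168/16.
is_rfc1918() {
    case "$1" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# gen_rules B_ADDR IFACE: print the filter table for host A.
gen_rules() {
    b="$1"; ifc="$2"
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT'
    # Private source addresses arriving on a public-facing interface are
    # spoofed. Skip the filter when B itself is private, or B would be cut off.
    if ! is_rfc1918 "$b"; then
        for net in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
            printf '%s\n' "-A INPUT -i $ifc -s $net -j DROP"
        done
    fi
    # Replies (including DNS and NTP answers) return via ESTABLISHED.
    # Only B may open ssh (rate limited) and web connections to A.
    # OUTPUT lets replies to B out, then drops anything new from A to B.
    cat <<EOF
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $ifc -s $b -p tcp --dport 22 -m conntrack --ctstate NEW -m limit --limit 4/min --limit-burst 4 -j ACCEPT
-A INPUT -i $ifc -s $b -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -d $b -j DROP
COMMIT
EOF
}

# gen_sysctl: kernel settings for reverse-path filtering and source routing.
gen_sysctl() {
    cat <<EOF
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.accept_source_route = 0
EOF
}
```

The order of the two OUTPUT rules matters: with the DROP first, A could no longer answer the ssh and web connections that B is allowed to open.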
