> About iptables, why are you setting those rules? It seems pointless to me.
It doesn't give you any security. A connection on a given port can't happen,
if there aren't any programs listening there. Maybe I'm reading the rules
wrong since I rarely use iptables.
I like to run MySQL and Apache and experiment with whatever just for my own
experimentation and so the iptables should block access to those services
unless they (hopefully at my direction) were to initiate it. I'm behind a
firewall/router anyway so it's probably overkill but I wanted to learn
iptables a bit anyway. I'm not that advanced but this does seem to work. I do
have a very unsecure Windows desktop on my home network.
But I usually don't think about for example my.cnf and changing the listening
configuration. That will be something to think about.
Basically, the configuration is
DROP everything unless it meets a different rule with a -j (jump to defined
action)
Jump to ACCEPT for all loopback traffic.
Let me initiate connections on these ports:
53,80,123,443,465,546,993,6667 -j ACCEPT *Sometimes I'm still unclear whether
tcp or udp are both required so this might be a little fuzzy.
Once I have initiated a connection ACCEPT incoming (ESTABLISHED,RELATED -j
ACCEPT) unless it is malformed (INVALID -j DROP)
Everything else not yet dealt with gets dropped and logged.