> About iptables, why are you setting those rules? It seems pointless to me. It doesn't give you any security. A connection on a given port can't happen, if there aren't any programs listening there. Maybe I'm reading the rules wrong since I rarely use iptables.

I like to run MySQL and Apache and experiment with whatever just for my own experimentation and so the iptables should block access to those services unless they (hopefully at my direction) were to initiate it. I'm behind a firewall/router anyway so it's probably overkill but I wanted to learn iptables a bit anyway. I'm not that advanced but this does seem to work. I do have a very unsecure Windows desktop on my home network.

But I usually don't think about for example my.cnf and changing the listening configuration. That will be something to think about.

Basically, the configuration is

DROP everything unless it meets a different rule with a -j (jump to defined action)

Jump to ACCEPT for all loopback traffic.

Let me initiate connections on these ports:
53,80,123,443,465,546,993,6667 -j ACCEPT *Sometimes I'm still unclear whether tcp or udp are both required so this might be a little fuzzy.

Once I have initiated a connection ACCEPT incoming (ESTABLISHED,RELATED -j ACCEPT) unless it is malformed (INVALID -j DROP)

Everything else not yet dealt with gets dropped and logged.

Reply via email to