TCLUG Archive

Re: [TCLUG:11306] Mediaone & bootpc



> > Mostly because I also use Skypoint and want to switch between 'em, but also
> > because since I've had the two-way service (3 days), I've been port scanned
> > 3 times, unsuccessfully telnet'ed to twice, etc, etc.  The script kiddies
> > seem to view Mediaone as fertile ground.
> 
> Pardon my ignorance but how do you know that?


# Setup Firewalling
/sbin/ipchains -F
/sbin/ipchains -P input ACCEPT
/sbin/ipchains -P forward DENY
/sbin/ipchains -P output ACCEPT
# block all access to privileged ports except the ones I want
/sbin/ipchains -N nopriv
/sbin/ipchains -A nopriv -p tcp -d 192.168.100.2 113 -j ACCEPT
/sbin/ipchains -A nopriv -p tcp -d 192.168.100.2 80 -j ACCEPT
/sbin/ipchains -A nopriv -p tcp -d 192.168.100.2 23 -j ACCEPT
# /sbin/ipchains -A nopriv -p tcp -d 192.168.100.2 20:21 -j ACCEPT
# log (-l) and reject everything else sent to the nopriv chain
/sbin/ipchains -A nopriv -l -j REJECT
/sbin/ipchains -A input -p tcp -d 192.168.100.2 0:1023 -j nopriv
/sbin/ipchains -A input -p udp -d 192.168.100.2 0:1023 -j nopriv
# IP masquerading for the internal LAN
/sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ

# enable IP forwarding in the kernel
echo "1" > /proc/sys/net/ipv4/ip_forward
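
The `-l` flag on the last `nopriv` rule is what puts rejected packets into the kernel log. As an added example (not part of the original post), this Python script tallies those entries per source address; the log lines are constructed in the `Packet log:` layout documented in the IPCHAINS-HOWTO, and the host name `gw`, the addresses and the scan threshold are assumptions.

```python
import re
from collections import defaultdict

# Kernel log layout for rules carrying -l, per the IPCHAINS-HOWTO:
#   Packet log: <chain> <target> <iface> PROTO=<n> <src>:<sport> <dst>:<dport> L=...
LOG_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<target>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+) "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)"
)

# Constructed sample lines (documentation address ranges), not from the post.
SAMPLE_LOG = """\
Jan 12 03:14:07 gw kernel: Packet log: nopriv REJECT eth0 PROTO=6 203.0.113.7:4021 192.168.100.2:21 L=44 S=0x00 I=5120 F=0x0000 T=52
Jan 12 03:14:07 gw kernel: Packet log: nopriv REJECT eth0 PROTO=6 203.0.113.7:4022 192.168.100.2:25 L=44 S=0x00 I=5121 F=0x0000 T=52
Jan 12 03:14:08 gw kernel: Packet log: nopriv REJECT eth0 PROTO=6 203.0.113.7:4023 192.168.100.2:111 L=44 S=0x00 I=5122 F=0x0000 T=52
Jan 12 03:14:08 gw kernel: Packet log: nopriv REJECT eth0 PROTO=6 203.0.113.7:4024 192.168.100.2:143 L=44 S=0x00 I=5123 F=0x0000 T=52
Jan 12 04:02:51 gw kernel: Packet log: nopriv REJECT eth0 PROTO=6 198.51.100.23:1150 192.168.100.2:139 L=48 S=0x00 I=811 F=0x4000 T=113
Jan 12 04:02:54 gw kernel: Packet log: nopriv REJECT eth0 PROTO=6 198.51.100.23:1150 192.168.100.2:139 L=48 S=0x00 I=812 F=0x4000 T=113
Jan 12 04:30:10 gw kernel: Packet log: nopriv REJECT eth0 PROTO=17 198.51.100.40:137 192.168.100.2:137 L=78 S=0x00 I=40 F=0x0000 T=110
Jan 12 04:31:00 gw kernel: eth0: link up
"""

SCAN_THRESHOLD = 3  # assumed cut-off: this many distinct ports from one source = scan

def parse(line, chain="nopriv"):
    """Return (src, proto, dport) for a logged packet on `chain`, else None."""
    m = LOG_RE.search(line)
    if not m or m.group("chain") != chain:
        return None
    return m.group("src"), int(m.group("proto")), int(m.group("dport"))

def summarize(log_text):
    """Map each source address to ("scan" | "probe", sorted (proto, dport) list)."""
    ports = defaultdict(set)
    for line in log_text.splitlines():
        hit = parse(line)
        if hit:
            src, proto, dport = hit
            ports[src].add((proto, dport))
    return {
        src: ("scan" if len(seen) >= SCAN_THRESHOLD else "probe", sorted(seen))
        for src, seen in ports.items()
    }

if __name__ == "__main__":
    for src, (kind, seen) in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{src:15} {kind:5} " + " ".join(f"{p}/{d}" for p, d in seen))
```

Because the ruleset accepts ports 23, 80 and 113 before the logging rule, connections to those ports never reach the `-l` entry and have to be looked for in the daemons' own logs.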