Iptables

David Mair has published a simple Linux firewall configuration tutorial. He will walks you through the creation of a simple iptables firewall explaining how it works along the way. From the article: Most major Linux distributions, SuSE ones included, feature some user interface for firewall configuration. There’s nothing wrong with them but I couldn’t get […]

{ 5 comments }

libwww-perl (LWP) is fine WWW client/server library for Perl. Unfortunately this library used by many script kiddy, crackers, and spam bots. Verify bots… Following is a typical example, you will find in your apache or lighttpd access.log log file: $ grep ‘libwww-perl’ access.log OR $ grep ‘libwww-perl’ /var/log/lighttpd/access.log Output: 62.152.64.210 www.domain.com – [23/Oct/2006:22:24:37 +0000] “GET […]

{ 22 comments }

According to man page: Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Several different tables may be defined. Each table contains a number of built-in chains and may also contain user defined chains. By default, Iptables log message to a /var/log/messages file. However […]

{ 40 comments }

Someone recently asked me a question: How can I save time and script size by specifying a range of IP addresses or ports using iptables? In old version of iptables IP address ranges are only valid in the nat table (see below for example). However newer version does support option that allows you to specify […]

{ 8 comments }

It is true that connections to remote X Window servers should be always made over SSH. SSH supports X windows connections. So my task was allow X over ssh but block unprivileged X windows mangers TCP ports. The first running server (or display) use TCP port 6000. Next server will use 6001 and so on […]

{ 0 comments }

From my mail bag: How do I accept CIPE connection requests coming from the outside? CIPE stands for Crypto IP Encapsulation (see howto Establishing a CIPE Connection) . It is used to configure an IP tunneling device. For example, CIPE can be used to grant access from the outside world into a Virtual Private Network […]

{ 0 comments }

Someone might attack on your system. You can drop attacker IP using IPtables. However, you can use route command to null route unwanted traffic. A null route (also called as blackhole route) is a network route or kernel routing table entry that goes nowhere. Matching packets are dropped (ignored) rather than forwarded, acting as a […]

{ 31 comments }