Date:      Tue, 21 Sep 1999 17:01:05 -0700 (PDT)
From:      "Eric J. Schwertfeger" <ejs@bfd.com>
To:        Joe Bo <ibjoe@home.com>
Cc:        Ben Smithurst <ben@scientia.demon.co.uk>, freebsd-questions@FreeBSD.ORG
Subject:   Re: is this an attack?
Message-ID:  <Pine.BSF.4.05.9909211652170.29418-100000@harlie.bfd.com>
In-Reply-To: <2.2.32.19990921233851.008d4358@netmail.home.com>

On Tue, 21 Sep 1999, Joe Bo wrote:

> Thanks. I have those services open for use on my internal net.
> I haven't figured out yet how to disable them on my external
> network card and at the same time leave them enabled on my
> internal network card. I never telnet/ftp/etc over the public
> network to my machine, I do have and use ssh for that.

The easiest way is to enable ipfw filtering on your machine.  These are
the kinds of rules I use in a similar machine:

/sbin/ipfw add 100 allow tcp from any to any 25,53,79,80 recv de0
/sbin/ipfw add 110 allow udp from any to any 53 recv de0
/sbin/ipfw add 120 deny tcp from any to any 1-1023 recv de0
/sbin/ipfw add 130 deny udp from any to any 1-1023 recv de0

The idea is to allow incoming traffic to services available to the
outside, then deny all other privileged ports, just in case.  (My standard
security stance is to block all but that which is permitted in the
privileged port ranges, and allow all that isn't forbidden outside that
range).
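To see what that ruleset actually decides on the external interface, here is an added example (mine, not from the mail) that simulates ipfw's first-match evaluation over the four rules above; note that port 22 falls under rule 120, so the ssh that Joe uses over the public network would need its own allow rule numbered before it. It assumes the kernel's default rule accepts (the "allow all that isn't forbidden" stance) and that the internal card is named de1; both are assumptions, not facts from the mail.

```python
# Added example: a first-match simulator for the four ipfw rules quoted above.
# Not part of the original mail; it models ipfw semantics (lowest rule number
# first, first match wins) for packets tagged with the interface they arrived on.
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    number: int
    action: str          # "allow" or "deny"
    proto: str           # "tcp" or "udp"
    ports: frozenset     # destination ports the rule matches
    recv_iface: str      # only packets received on this interface match


def ports(spec: str) -> frozenset:
    """Expand an ipfw port list such as '25,53,79,80' or '1-1023'."""
    out = set()
    for part in spec.split(","):
        if "-" in part:
            lo, hi = part.split("-")
            out.update(range(int(lo), int(hi) + 1))
        else:
            out.add(int(part))
    return frozenset(out)


# The ruleset from the mail; de0 is the external interface.
RULES = [
    Rule(100, "allow", "tcp", ports("25,53,79,80"), "de0"),
    Rule(110, "allow", "udp", ports("53"), "de0"),
    Rule(120, "deny", "tcp", ports("1-1023"), "de0"),
    Rule(130, "deny", "udp", ports("1-1023"), "de0"),
]

# Assumption: the kernel's default rule accepts (the "allow all that isn't
# forbidden" stance in the mail); a default-deny kernel would reject instead.
DEFAULT_ACTION = "allow"


def verdict(proto: str, dst_port: int, recv_iface: str, rules=RULES) -> str:
    """Return the action and the rule number that decides this packet."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.proto == proto and r.recv_iface == recv_iface and dst_port in r.ports:
            return f"{r.action} (rule {r.number})"
    return f"{DEFAULT_ACTION} (default)"


if __name__ == "__main__":
    # Constructed sample packets; de1 is the assumed name of the internal card.
    for proto, port, iface in [("tcp", 80, "de0"), ("tcp", 22, "de0"),
                               ("tcp", 23, "de1"), ("udp", 53, "de0"),
                               ("tcp", 8080, "de0")]:
        print(f"{proto}/{port} on {iface}: {verdict(proto, port, iface)}")
```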
