Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Basic rules for IPTABLES protection

From: "BurntCircuit" <burntcircuit () phreaker net>
Date: Tue, 26 Nov 2002 12:24:00 -0500
first i would sigjest getting a distro that takes a little less work out of
the box... a firewall is only as safe as the box running it... as to rules
and such i would sigjest getting your hands on a copy of Linix Firewalls by
Robert Ziegler (
http://www.amazon.com/exec/obidos/tg/detail/-/0735710996/qid=1038331175/sr=8
-1/ref=sr_8_1/104-8526399-3801557?v=glance&s=books&n=507846 ) that should
have all the info you need...

-----Original Message-----
From: Erick Arturo Perez Huemer [mailto:eperez () compuservice net]
Sent: Saturday, November 23, 2002 01:28
To: security-basics () securityfocus com
Subject: Basic rules for IPTABLES protection


I am about to install a RedHat 8.0 box with iptables to act as our
firewall for our internal network that consists of 20 machines.

Besides doing a -j drop on our external interface when receives a packet
with source equal to our internal network, what other measures we have
to take?

We do host an SMTP server but nothing else. I have read about blocking
10.x.x.x addresses but also read that "some" routers/sites use those
addresses. Any anti-DoS rules? More settings?

Or maybe a link to a site that offers suggestion for proper firewall
configurations....

Thanks in advance,

Erick.
Previous By Date Next
Previous By Thread Next

Current thread: