sslug-teknik team mailing list archive

[Kristian Vilmann <kvi@xxxxxxxx>]

Hans Christian Studt wrote:
> Kristian Vilmann wrote:
>
> > Iptables er en filterfirewall
> >
> > Havd siger /sbin/iptables -L -n
>
>
> (/etc) #/sbin/iptables -L -n
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Lokkit-0-50-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain RH-Lokkit-0-50-INPUT (1 references)
> target     prot opt source               destination
> ACCEPT     udp  --  193.162.153.164      0.0.0.0/0          udp spt:53 
> dpts:1025:65535
> ACCEPT     udp  --  194.239.134.83       0.0.0.0/0          udp spt:53 
> dpts:1025:65535
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp 
> dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
> REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:2049 
> flags:0x16/0x02 reject-with icmp-port-unreachable
> REJECT     udp  --  0.0.0.0/0            0.0.0.0/0          udp 
> dpts:0:1023 reject-with icmp-port-unreachable
> REJECT     udp  --  0.0.0.0/0            0.0.0.0/0          udp dpt:2049 
> reject-with icmp-port-unreachable
> REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp 
> dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
> REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:7100 
> flags:0x16/0x02 reject-with icmp-port-unreachable


Stop din firewall. NU! :)
/etc/init.d/iptables stop && /sbin/chkconfig iptables off

Eller modificer /etc/sysconfig/iptables så den passer til dit behov. 
Spørg hvordan ovre på sslug-sikkerhed.

/kristian

--
Sobiety fuckin' sucks!
- Ozzy Osbourne