10 iptables rules to help secure your Linux box

Feb 20, 2009, 15:31
(Other stories by Jack Wallen)

"8: iptables -N port-scan

"This is the beginning of a rule to block furtive port scanning. A furtive port scan is a scan that detects closed ports to deduce open ports. Two more lines are needed to complete this rule:

"iptables -A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
iptables -A port-scan -j DROP

"Notice that the above rule set is adding a new chain called "port-scan". You don't have to name it such; it's just easier to keep things organized. You can also add timeouts to the above rule set like so:

"iptables -A specific-rule-set -p tcp --syn -j syn-flood
iptables -A specific-rule-set -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j port-scan
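The port-scan chain from the excerpt above, put together as one re-runnable shell function (an added example, not code from the article or from Linux Today). The LOG rule, the explicit burst value and the hook from INPUT are assumptions; the article jumps to the chain from a user chain it calls "specific-rule-set", which is not shown on this page.

```shell
#!/bin/sh
# Added example, not from the article: build the "port-scan" chain described
# above as one re-runnable function. IPTABLES defaults to the real binary;
# set IPTABLES=echo for a dry run that only prints the commands.
# The LOG rule, the burst value and the hook from INPUT are assumptions.

setup_port_scan_chain() {
    chain="${1:-port-scan}"
    ipt="${IPTABLES:-iptables}"

    # Create the chain if it is missing, then flush it so re-running the
    # function never leaves duplicate rules behind.
    "$ipt" -N "$chain" 2>/dev/null || true
    "$ipt" -F "$chain"

    # Match segments where, of the flags SYN,ACK,FIN,RST, only RST is set:
    # the bare-reset pattern the article associates with a furtive scan.
    # An initial burst of 5 and then 1 per second RETURN to the caller;
    # anything faster is logged (itself rate-limited) and dropped.
    "$ipt" -A "$chain" -p tcp --tcp-flags SYN,ACK,FIN,RST RST \
        -m limit --limit 1/s --limit-burst 5 -j RETURN
    "$ipt" -A "$chain" -m limit --limit 5/min \
        -j LOG --log-prefix "PORT-SCAN: " --log-level 4
    "$ipt" -A "$chain" -j DROP

    # Hook the chain from INPUT for bare-RST segments only (assumption: the
    # article jumps from its own "specific-rule-set" chain instead).
    # Delete any earlier copy of the jump first so it exists exactly once.
    "$ipt" -D INPUT -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j "$chain" 2>/dev/null || true
    "$ipt" -A INPUT -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j "$chain"
}

# Apply for real (needs root):   setup_port_scan_chain
# Dry run, print only:           IPTABLES=echo setup_port_scan_chain
```

Check the result with `iptables -n -L port-scan -v` afterwards; the packet counters on the DROP rule show how often the 1/s budget was exceeded.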
