Good day, Dejan,
On Wed, 17 Feb 1999, Dejan Rackov wrote:
> does anyone know how to protect the masq LAN clients (m$
> Min) against Back Orifice attacks, and how to block masq
> clients to attacks someone else on Internet.
To prevent attacks in both directions, use:
/sbin/ipfwadm -I -i deny -D 0/0 31337 -P udp
To also prevent netbus (another NT trojan) attacks, use
/sbin/ipfwadm -I -i deny -D 0/0 12345 -P tcp
/sbin/ipfwadm -I -i deny -D 0/0 12346 -P tcp
For ipchains firewalls, use:
/sbin/ipchains -I input -d 0/0 31337 -p udp -j DENY
/sbin/ipchains -I input -d 0/0 12345 -p tcp -j DENY
/sbin/ipchains -I input -d 0/0 12346 -p tcp -j DENY
There may be syntax errors in the ipfwadm command - I don't have
access to an ipfwadm machine right now. This also assumes that they use
the standard ports for those attacks.
Cheers,
- Bill
---------------------------------------------------------------------------
Unix _is_ user friendly. It's just very selective about who its friends
are. And sometimes even best friends have fights.
William Stearns ([EMAIL PROTECTED])
Mason, Buildkernel, and named2hosts are at: http://www.pobox.com/~wstearns
---------------------------------------------------------------------------
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
