On Saturday, November 2, 2002, at 02:50  PM, linux power wrote:

> It seems that masquerade uses the netbios-ns port to broadcast for the whole world that it's seeking a vacant ip address. That is a major firewall problem in my computer because I can't close the netbios ports, and it results in hacking attempts all the time.
>
> Nobody told me that when they recommended masquerade.

The netbios-ns service uses tcp/137. Masquerading neither uses it, nor does it "broadcast for the whole world that its seeking a vacant ip address."

You've posted more than once with stories of your systems being hacked - I can only assume this means you've had multiple intrusions. Perhaps you should read some howtos, or read up on securing your systems. While you're at it, you should also back up data files, and perform a clean (as in format the drives) installation of your operating systems.

Assuming a simple configuration, eth0 on the inside, eth1 on the outside, no inbound access, you would be safe with something as simple as:

# Safe default policies
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# allow established and related connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# allow localhost communication
iptables -A INPUT -i lo -j ACCEPT

# allow inbound from internal network, allow internal network to go out to the Internet
iptables -A INPUT -m state -i eth0 --state NEW -j ACCEPT
iptables -A FORWARD -m state -i eth0 --state NEW -j ACCEPT

# setup NAT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

There, I've fixed your hacking problems in 9 lines. To save that, run "service iptables save".

--
Jason Costomiris <><
E: jcostom {at} jasons {dot} org / W: http://www.jasons.org/
Quidquid latine dictum sit, altum viditur.
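
An added example, not part of the original message: a shell function that audits iptables-save output against the policy the nine commands above set up (INPUT and FORWARD default to DROP, no ACCEPT rule matches new traffic arriving on the outside interface, MASQUERADE on the outside interface). The function names and both sample rulesets are constructed for illustration; eth0 inside and eth1 outside follow the message.

```shell
# audit_ruleset EXT_IF: reads iptables-save text on stdin, prints one finding
# per line, returns 0 when clean and 1 otherwise. EXT_IF is the outside interface.
audit_ruleset() {
    awk -v ext="$1" '
        /^\*/ { table = substr($0, 2); next }              # "*filter" or "*nat"
        table == "filter" && /^:(INPUT|FORWARD) / {        # e.g. ":INPUT DROP [0:0]"
            if ($2 != "DROP") { print "policy " substr($1, 2) " is " $2; bad = 1 }
            next
        }
        table == "filter" && /^-A (INPUT|FORWARD) / && / -j ACCEPT/ {
            inif = ""                                      # empty means any interface
            for (i = 2; i < NF; i++)
                if ($i == "-i") inif = ($(i - 1) == "!") ? "" : $(i + 1)
            replies_only = ($0 ~ /ESTABLISHED/ && $0 !~ /NEW/)
            if (!replies_only && (inif == "" || inif == ext)) {
                print "accepts new traffic from " ext ": " $0; bad = 1
            }
        }
        table == "nat" && /^-A POSTROUTING / && / -j MASQUERADE/ {
            for (i = 2; i < NF; i++) if ($i == "-o" && $(i + 1) == ext) masq = 1
        }
        END { if (!masq) { print "no MASQUERADE on " ext; bad = 1 }
              exit bad + 0 }
    '
}

# Constructed sample: the nine commands from the message in iptables-save form.
sample_good() {
cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -m state --state NEW -j ACCEPT
-A FORWARD -i eth0 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Constructed sample: open INPUT policy plus a port 137 rule bound to no interface.
sample_bad() {
    sample_good | sed -e 's/^:INPUT DROP/:INPUT ACCEPT/' \
        -e 's/^-A INPUT -i eth0 .*/-A INPUT -p udp -m udp --dport 137 -j ACCEPT/'
}
```

On a live system the same check is "iptables-save | audit_ruleset eth1", run as root.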


