Attacks ? Router & Server freezes - Security Problem
Polychronis Ypodimatopoulos
ypol at intracom.gr
Wed Dec 15 12:29:34 EET 2004
I have the impression that the ZyXEL Prestige 600 does not have a firewall
in which you can set rules, only some options to allow traffic on
certain ports.
I would say that using a firewall on every server in your network is
essential as one additional protective measure, which simply covers you
in some cases but not in all.
The following is a very very simple firewall that you should enrich
and adapt to your needs.
If a server has 2 network cards and works as a router from one network
card to the other, then you must remove the line that mentions
"FORWARD".
In the line that says sourceIP you should replace SOURCEIP with the IP
address for which you want to allow access to the particular machine
that will run the firewall, and DESTPORT with the port (e.g. 80) of the
local machine to which you want to allow access. You can repeat this
line as many times as you like.
In general I suggest you read up on firewalls so that you make it as
secure as possible, limiting the use of the server to what is absolutely
necessary.
=================firewall start=
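#!/bin/sh
# Flush any existing rules in the filter, nat and mangle tables
iptables -F
iptables -t nat -F
iptables -t mangle -F
# Spoofing Protection: enable reverse-path filtering on every interface
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
    echo 1 > "$f"
done
# Allow local traffic and replies to connections this host opened
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow broadcasts on the local subnet
iptables -A INPUT -d 192.168.1.255 -j ACCEPT
# SOURCEIP = address allowed to connect (matched with -s), DESTPORT = local port
iptables -A INPUT -s SOURCEIP -p tcp --dport DESTPORT -j ACCEPT
# Drop everything else; remove the FORWARD line if this machine routes
iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP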
=================firewall end=
Also, you should look regularly (even very regularly) at the following:
/var/log/secure
/var/log/httpd/*
Also, it is good to understand why the machines hang! Which
process is responsible? Are you perhaps out of space on the HD?
> Thanks, also, to Mr. Polychronis for his reply.
:-))) I found that very funny.... Be well, my child!
Happy hunting.... :-))))
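
Added example, not part of the original post: a script that builds the same kind of rule set from a list of SOURCEIP:DESTPORT pairs, validating every pair and printing iptables-restore input instead of calling iptables. The function names and the sample addresses are assumptions; unlike the posted script it sets the INPUT policy to DROP, matches loopback by interface, and leaves out the broadcast rule.

```shell
#!/bin/sh
# Added example, not from the original post. Prints an iptables-restore
# ruleset; it never calls iptables itself.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    IFS=. read -r a b c d rest <<EOF
$1
EOF
    [ -z "$rest" ] || return 1
    for o in "$a" "$b" "$c" "$d"; do
        [ -n "$o" ] && [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# valid_port N: succeed only for 1-65535
valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules FORWARD_POLICY SOURCEIP:DESTPORT...
# FORWARD_POLICY: DROP on a plain server, ACCEPT on a two-NIC machine that routes
gen_rules() {
    fwd=${1:-}
    case $fwd in DROP|ACCEPT) ;; *) echo "bad FORWARD policy: $fwd" >&2; return 1 ;; esac
    shift
    out="*filter
:INPUT DROP [0:0]
:FORWARD $fwd [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for pair in "$@"; do
        src=${pair%%:*}; port=${pair#*:}
        if [ "$src" = "$pair" ] || ! valid_ipv4 "$src" || ! valid_port "$port"; then
            echo "rejected entry: $pair" >&2; return 1
        fi
        out="$out
-A INPUT -s $src -p tcp --dport $port -j ACCEPT"
    done
    # Printed only after every entry validated, so a typo never yields a partial ruleset
    printf '%s\nCOMMIT\n' "$out"
}

# Constructed sample input (documentation addresses from 192.0.2.0/24)
gen_rules DROP 192.0.2.10:80 192.0.2.11:22
```

Piping the output to `iptables-restore --test` as root checks that it parses; without `--test` the filter table is replaced in one step, so there is no moment between the flush and the final DROP.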
More information about the Linux-greek-users
mailing list