[olug] compromised again
Phil Brutsche
pbrutsch at creighton.edu
Sun Oct 1 21:50:40 UTC 2000
A long time ago, in a galaxy far, far way, someone said...
> Ok......I have these rules in there now.
> ipchains -A input -p tcp -s 0/0 25 -d 0/0 1024: -j ACCEPT
> ipchains -A input -p udp -s 0/0 25 -d 0/0 1024: -j ACCEPT
They're a bit general - IMO it would be better to explicitly say which IPs
can connect. Generally speaking it allows incoming SMTP data on a SMTP
conection you initiated.
> I'm guessing the udp protocol isn't needed at all.
No it's not.
> These rules were given to me by another person in olug so I have no
> clue what 1024 is either :)
The "-d 0/0 1024:" says "destination of any IP number and port number 1024
and higher".
> The -s 0/0 just means source ip of anywhere correct?
Yes.
> In any case I'm going to put your rules in rc.firewall and take the
> current rules for port 25 out.
> I think I'm a good candidate too for the Linksys Cablemodem/DSL router,at
> least until I understand firewall rules better because I'm sick of getting
> cracked and reinstalling my o/s.
> Do you by chance know a address for their homepage?
http://www.linksys.com
You can get them locally at Nebraska Furniture Mart and BestBuy (among
other places) although you can get better deals ($20-$30 or so less) on
ebay.
--
----------------------------------------------------------------------
Phil Brutsche pbrutsch at creighton.edu
"There are two things that are infinite; Human stupidity and the universe.
And I'm not sure about the universe." - Albert Einstein
---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net
More information about the OLUG
mailing list