need a volunteer

Kirk Wood cpt.kirk at 1tree.net
Sat Oct 28 14:28:56 EDT 2000


This is not a complete script, but will add security to prevent external
people from accessing your mail host.
ipchains -A input -p tcp -d externalip:25 -j DENY
Going sown the command the -A input add a rule to the input chain. The -p
tcp specifies tcp protocol and is needed to specify a port. The -d
externip:25 specifies anything addressed to your externalip address port
25. (In case you didn't get it, you will substitute your external ip
address here.) The -j DENY causes the packet to simply be dropped. No
further action is taken. No ICMP message is genereated. It is as if the
packet never came. You could opt for REJECT here in which case an ICMP
packet will be sent to let the offending host know that he can't send
here.

Without getting into an argument about security through obsecurity I
choose to be less of a target. I don't count on script kiddies not finding
me. But I prefer to not advertise my presence either.

=======
Kirk Wood
Cpt.Kirk at 1tree.net






More information about the Speakup mailing list