Mailinglist Archive: opensuse-security (670 mails)

[BLeonhardt@xxxxxxxxxxx]

NO,
I didn't mean incoming calls , I did mean trying to connect to port 25 for
example ...

I know ... there is a possibility to log all connection-tryings with
iptables ... I need the rule ... and maybe you can define a log-file ???

Mit freundlichen Grüßen
Bruno Leonhardt

CLP Domino R5 Systemadministrator
________________________________________________________________________________________________________

AnalyTek Systemhaus
Hospitalstr. 2a

D-65589 Hadamar

Tel.: 06433/81403-15
Fax : 06433/81403-40


                                                                                                                   
                    "Thomas                                                                                        
                    Schmidt"             An:     <BLeonhardt@xxxxxxxxxxx>, <suse-security@xxxxxxxx>                
                    <ts@xxxxxxxx>        Kopie:                                                                    
                                         Thema:  RE: [suse-security] Antwort: Re: [suse-security] IPTables         
                    27.11.01                                                                                       
                    16:52                                                                                          
                                                                                                                   
                                                                                                                   




> OK ... I've mailed another question too ... how to log all incoming
> connections on device ippp0 ??? and how to set a limit per second ???

All incoming calls were always logged in /var/log/isdnlog
Which type of limit? I only now the command to hang up after x sec
without traffic.
You should configure this with yast or type in tewh command directly
isdnctrl huptimeout ippp0 <time in sec>




>
> Mit freundlichen Grüßen
> Bruno Leonhardt
>
> CLP Domino R5 Systemadministrator
> ______________________________________________________________
> __________________________________________
>
> AnalyTek Systemhaus
> Hospitalstr. 2a
>
> D-65589 Hadamar
>
> Tel.: 06433/81403-15
> Fax : 06433/81403-40
>
>
>
>
>                     Peter Wiersig
>
>                     <wiersig@glam        An:
> suse-security@xxxxxxxx
>                     us.de>               Kopie:
>
>                                          Thema:  Re:
> [suse-security] IPTables
>                     27.11.01
>
>                     16:24
>
>
>
>
>
>
>
>
>
> On Tuesday, 27. November 2001 16:06 Bjoern Engels wrote:
> > On Tuesday, 27. November 2001 15:55, Arthur H. Johnson II wrote:
> >
> > > Try "iptables -I INPUT -i eth0 -p icmp -j DENY".
> >
> > I wouldn't do that because ICMP is not evil, it helps your
> box if errors
> > occur. Better try
> >
> > iptables -A INPUT -i eth0 -p icmp --icmp-types \
> >   destination-unreachable source-quench time-exceeded  echo-reply \
> >    parameter-problem -j ACCEPT
> >
> > iptables -A INPUT -i eth0 -p icmp -j DENY
>
> or don't use iptables for an option which can be handled by the kernel
> directly:
> /proc/sys/net/ipv4/icmp_echo_ignore_all
>
> e.g. put "cat 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all" in
> boot.local
>
> Peter
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>
>
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>

--
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx