Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] which ports to block ?
>> hi,
>>
>> i have written my own firewall script to protect my homelan using
>> iptables. i drop all connections from the outside made to ports 0-1023
>> and accept all connects to port 1024 and above. this protects my
>> system from connects via telnet, ssh, ftp aso., but are there any of
>> the upper ports that i should block as well ? i left them untouched,
>> because data is transfered on the higher ports after connection has
>> been established.
>
>A rule like:
>
>iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
>
>would also imho be a good solution. With that rule, all connections which
>are established or are related to one established connection would go
>through.
>

But only with effect, if the default policy 4 the INPUT chain is set to DROP/DENY

So check that.

Michael Appeldorn



< Previous Next >
References