You are using the --syn option, so you are only preventing new connections
from being established; you are not dropping the established ones. So perhaps
the connections are alive because they were established before you applied the
rule...
HTH,
José Luis Ledesma
_______________
Competitiveness
Telephone: +34 93 582 02 90
Email: jledesma@competitiveness.com
Website: http://www.competitiveness.com
-----Original Message-----
From: lab.civitanova@unimc.it [mailto:lab.civitanova@unimc.it]
Sent: miércoles, 30 de junio de 2004 10:58
To: suse-security@suse.com
Subject: Re: [suse-security] How to drop Winmx p2p
Markus Gaugusch writes:

On Jun 30, lab.civitanova@unimc.it wrote:

How can I stop winmix peer to peer connections? I try in my gateway machine to write this: "iptables -A FORWARD -p tcp --syn -dport 6699 -j DROP", but it doesn't work. Winmix seems to connect anyway with a remote host at the port 6699.

First: Better stop all traffic except for "known good" ports. There are so
many ways to do file sharing that you can hardly prevent them by firewalling.

Second: You probably have another rule that allows all traffic and the rule above is appended to your ruleset. Better use -I (insert) and not -A (append).

Markus
--
Markus Gaugusch, markus(at)gaugusch.at
ASCII Ribbon Campaign Against HTML Mail
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here
Thanks everybody, but nothing to do!!! Winmix connections seem to be alive anyway!!!! I'll try other ways.

Bye Bye
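The two points raised in this thread (rule order with -A versus -I, and --syn matching only connection-opening packets) can be checked in a small model of first-match chain evaluation. This is an added example, not part of the original messages and not iptables itself; the `Rule` and `Packet` classes, the pre-existing accept-all rule and the sample packets are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    dport: int
    flags: frozenset  # TCP flags set on this packet

@dataclass(frozen=True)
class Rule:
    target: str                  # "ACCEPT" or "DROP"
    dport: Optional[int] = None  # None matches any destination port
    syn_only: bool = False       # models the --syn match

    def matches(self, pkt: Packet) -> bool:
        if self.dport is not None and pkt.dport != self.dport:
            return False
        if self.syn_only:
            # --syn is shorthand for --tcp-flags SYN,RST,ACK,FIN SYN
            return pkt.flags & {"SYN", "RST", "ACK", "FIN"} == {"SYN"}
        return True

def verdict(chain, pkt, policy="ACCEPT"):
    """First matching rule decides; otherwise the chain policy applies."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy

# Assumed pre-existing rule that allows all forwarded traffic.
ACCEPT_ALL = Rule("ACCEPT")
DROP_SYN_6699 = Rule("DROP", dport=6699, syn_only=True)
DROP_ANY_6699 = Rule("DROP", dport=6699)

# Constructed sample packets: a connection attempt and mid-session data.
NEW_CONN = Packet(6699, frozenset({"SYN"}))
ESTABLISHED = Packet(6699, frozenset({"ACK", "PSH"}))

CHAINS = {
    "appended (-A)": [ACCEPT_ALL, DROP_SYN_6699],             # never reached
    "inserted (-I)": [DROP_SYN_6699, ACCEPT_ALL],             # blocks new only
    "inserted (-I), no --syn": [DROP_ANY_6699, ACCEPT_ALL],   # blocks both
}

def results():
    """Map each chain to its verdicts for (new connection, established)."""
    return {name: (verdict(c, NEW_CONN), verdict(c, ESTABLISHED))
            for name, c in CHAINS.items()}

if __name__ == "__main__":
    for name, (new, est) in results().items():
        print(f"{name:26} new={new:6} established={est}")
```
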