XMarkoX
Java, c++ coder + cracker
There's this ipkungfu named iptables-script which helps a bit with securing your system. Thought I'd share it for those who don't know about it. It's pretty easy to mess around with it, and configure the way you like. I'm not the original creator of this article.
Edit: cursed be this cold! Forgot to mention that this is for Debian based systems
Download and install:
Configuring:
Uncommenting and adjusting:
Enable to start ipkungfu with the system:
change: "IPKFSTART = 0" ---> "IPKFSTART=1"
start ipkungfu:
Fire it up!
Edit: cursed be this cold! Forgot to mention that this is for Debian based systems
Download and install:
Code:
$ sudo apt-get install ipkungfu
Configuring:
Code:
$ sudo geany /etc/ipkungfu/ipkungfu.conf
Uncommenting and adjusting:
Code:
# IP Range of your internal network. Use "127.0.0.1"
# for a standalone machine. Default is a reasonable
# guess.
LOCAL_NET="192.168.1.0/255.255.255.0"
---
# Set this to 0 for a standalone machine, or 1 for
# a gateway device to share an Internet connection.
# Default is 1.
GATEWAY=0
---
# Temporarily block future connection attempts from an
# IP that hits these ports (If module is present)
FORBIDDEN_PORTS="135 137 139"
---
# Drop all ping packets?
# Set to 1 for yes, 0 for no. Default is no.
BLOCK_PINGS=1
---
# What to do with 'probably malicious' packets
#SUSPECT="REJECT"
SUSPECT="DROP"
---
# What to do with obviously invalid traffic
# This is also the action for FORBIDDEN_PORTS
#KNOWN_BAD="REJECT"
KNOWN_BAD="DROP"
---
# What to do with port scans
#PORT_SCAN="REJECT"
PORT_SCAN="DROP"
Enable to start ipkungfu with the system:
Code:
$ sudo geany /etc/default/ipkungfu
change: "IPKFSTART = 0" ---> "IPKFSTART=1"
start ipkungfu:
Code:
$ sudo ipkungfu
Fire it up!