Re: Network config control by cron
- From: Rick Stevens <rstevens vitalstream com>
- To: Getting started with Red Hat Linux <redhat-install-list redhat com>
- Subject: Re: Network config control by cron
- Date: Fri, 02 Jul 2004 11:58:13 -0700
Steve Larsen wrote:
> At 09:35 AM 7/2/2004 -0700, Rick Stevens wrote:
>> Bob McClure Jr wrote:
>>> On Fri, Jul 02, 2004 at 06:52:48AM -0700, Al Gelders wrote:
>>>> Where do I look to find out how to activate and deactivate my ppp
>>>> network interface using cron? These days auto disconnect doesn't work
>>>> because my system is getting pinged every few seconds by hackers (I
>>>> presume).
>>>> -- al gelders
>>>> agelders lightspeed net
>>>
>>> How about blocking pings with your firewall?
>>
>> That's one option. To shut it down via cron, add this to root's
>> crontab:
>>
>>     m h * * * /sbin/ifdown ppp0
>>
>> where "m" = the minute you want it shut down and "h" = the hour you
>> want it down. E.g. to shut it down at 2:30 p.m.
>>
>>     30 14 * * * /sbin/ifdown ppp0
>>
>> ----------------------------------------------------------------------
>> - Rick Stevens, Senior Systems Engineer rstevens vitalstream com -
>> - VitalStream, Inc. http://www.vitalstream.com -
>> - -
>> - grep me no patterns and I'll tell you no lines -
>> ----------------------------------------------------------------------
>
> Hi Rick,
> I have a similar question, couldn't he just disable a portion of icmp?
> And if so .. how does that work .. disabling say just ping but leaving
> rlogin or rcp functional? Maybe I'm not asking this correctly, he could
> just comment out those ports and restart his network services, but is
> there a way to just chop out ping or rcp .. etc. ?

In iptables, you can block pings by including a rule in the INPUT chain:

    iptables -A INPUT -p icmp -j DROP

meaning "add a rule to the INPUT chain so that if the protocol is ICMP,
then drop the packet". You can create additional rules like these to
block and/or allow almost any specific type of packet.
Note that ping (more properly called "ICMP echo"--"ping" is the name
of the program itself) uses the ICMP protocol (separate from TCP or UDP)
and ICMP doesn't use ports.
rlogin, ftp, rcp, ssh, http and most of the rest of the network-based
applications you're familiar with are TCP-based and use ports. TCP
is also connection-oriented, meaning that TCP guarantees delivery of
packets from one end to the other, in sequence and with error checking
(checksums).
Some other applications you know (DNS, NFS, NTP) are UDP-based and also
use ports. UDP, however, is connectionless (it does not guarantee
delivery of any given packet in any specific order and the packets are
not error checked). It is up to the application using UDP to provide
the error checking, packet sequencing and such.
Does that explain it a bit more?
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens vitalstream com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent -
- process. Prepare to vi." -
----------------------------------------------------------------------
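
The distinction drawn in the reply above (ICMP is matched by message type, TCP services by port), as an added example that is not part of the original post: a narrower variant that drops only inbound echo-request and leaves other ICMP, such as the errors path MTU discovery relies on, alone. The interface name ppp0 comes from the thread; the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original thread. Prints iptables commands for
# review; nothing is applied until the output is piped to a root shell.
# Assumed names: interface ppp0 (from the thread), function names (made up here).

# Accept only plain interface names so the printed commands cannot carry
# extra shell syntax.
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# ICMP has no ports; it is filtered by message type.
ping_block_rules() {
    iface=${1:-ppp0}
    valid_iface "$iface" || { echo "bad interface name" >&2; return 1; }
    # Keep replies and ICMP errors tied to traffic this host started,
    # such as fragmentation-needed (path MTU discovery).
    echo "iptables -A INPUT -i $iface -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Drop inbound echo-request (what the ping program sends), nothing else.
    echo "iptables -A INPUT -i $iface -p icmp --icmp-type echo-request -j DROP"
}

# TCP services are filtered by destination port.
tcp_block_rule() {
    iface=$1 port=$2
    valid_iface "$iface" || { echo "bad interface name" >&2; return 1; }
    case "$port" in
        ''|*[!0-9]*) echo "bad port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port" >&2; return 1; }
    echo "iptables -A INPUT -i $iface -p tcp --dport $port -j DROP"
}
```

With the standard service ports, `tcp_block_rule ppp0 514` covers rcp (which rides on the rsh "shell" service) while rlogin on 513 is untouched. Review the printed commands, then pipe them to `sh` as root to apply them.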