CSI (Security Policy) Help

Stephen John Smoogen smooge at gmail.com
Sun Feb 1 19:08:51 UTC 2009


On Sat, Jan 31, 2009 at 10:09 PM, Frank Chiulli <frankc.fedora at gmail.com> wrote:

>
> I'm not running samba.  If I put the following rule before the LOG
> rule, will the packets be dropped and the messages stopped?
>
> -A INPUT -p udp -s 192.168.0.0/24 -d 192.168.0.0/24 -m multiport
> --ports 137,138 -j DROP
>

I normally go with 135:139 as they are noisy ports. On a public
network I have a list of ports I drop because they are noisy.


-A INPUT -p tcp -m tcp --dport 67:68 -j DROP
-A INPUT -p tcp -m tcp --dport 135:139 -j DROP
-A INPUT -p tcp -m tcp --dport 445 -j DROP
-A INPUT -p udp -m udp --dport 67:68 -j DROP
-A INPUT -p udp -m udp --dport 135:139 -j DROP
-A INPUT -p udp -m udp --sport 177 --dport 177 -j DROP
-A INPUT -p udp -m udp --dport 445 -j DROP
-A INPUT -p udp -m udp --dport 1024:1030 -j DROP

The 1024:1030 UDP drop stops the enormous amount of UDP pop-up spam.



-- 
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
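The question in the thread is really about rule order: iptables walks a chain top to bottom, LOG is non-terminating (it writes a kernel message and falls through), and DROP ends evaluation, so a DROP placed in front of the LOG rule both discards the packet and silences the message. The following is an added example, not code from either mail, that models exactly the options used in the rules above (-p, -s, -d, --sport, --dport, and multiport --ports) and walks a constructed INPUT chain with those semantics. The LOG and REJECT lines at the end of the chain and the ACCEPT default policy are assumptions made for the illustration; real iptables supports far more matches and targets than this toy handles.

```python
"""First-match simulator for the INPUT rules discussed in the thread (added example).

Models only: -p, -s, -d, --sport, --dport, and -m multiport --ports.
LOG is treated as non-terminating; DROP / REJECT / ACCEPT end evaluation.
"""
import ipaddress
import shlex

# Stephen's noisy-port drops, copied from the reply.
NOISY_DROPS = """
-A INPUT -p tcp -m tcp --dport 67:68 -j DROP
-A INPUT -p tcp -m tcp --dport 135:139 -j DROP
-A INPUT -p tcp -m tcp --dport 445 -j DROP
-A INPUT -p udp -m udp --dport 67:68 -j DROP
-A INPUT -p udp -m udp --dport 135:139 -j DROP
-A INPUT -p udp -m udp --sport 177 --dport 177 -j DROP
-A INPUT -p udp -m udp --dport 445 -j DROP
-A INPUT -p udp -m udp --dport 1024:1030 -j DROP
"""

# Frank's multiport rule, followed by an ASSUMED LOG rule and an ASSUMED REJECT.
TAIL = """
-A INPUT -p udp -s 192.168.0.0/24 -d 192.168.0.0/24 -m multiport --ports 137,138 -j DROP
-A INPUT -j LOG --log-prefix "INPUT-REJECT: "
-A INPUT -j REJECT
"""


def _port_set(spec):
    """Expand '445', '135:139' or '137,138' into a set of port numbers."""
    ports = set()
    for item in spec.split(","):
        lo, _, hi = item.partition(":")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports


def parse_rule(line):
    """Turn one '-A INPUT ...' line into a dict of match criteria plus target."""
    toks = shlex.split(line)
    rule = {"proto": None, "src": None, "dst": None,
            "sport": None, "dport": None, "ports": None, "target": None}
    i = 0
    while i < len(toks):
        t = toks[i]
        if t == "-p":
            rule["proto"] = toks[i + 1]
        elif t == "-s":
            rule["src"] = ipaddress.ip_network(toks[i + 1], strict=False)
        elif t == "-d":
            rule["dst"] = ipaddress.ip_network(toks[i + 1], strict=False)
        elif t == "--sport":
            rule["sport"] = _port_set(toks[i + 1])
        elif t == "--dport":
            rule["dport"] = _port_set(toks[i + 1])
        elif t == "--ports":  # multiport --ports: source OR destination port
            rule["ports"] = _port_set(toks[i + 1])
        elif t == "-j":
            rule["target"] = toks[i + 1]
        else:
            i += 1  # -A INPUT, -m tcp/udp/multiport, --log-prefix and its value
            continue
        i += 2
    return rule


def build_chain(*texts):
    """Parse one or more rule blocks into an ordered list of rules."""
    rules = []
    for text in texts:
        rules.extend(parse_rule(l) for l in text.strip().splitlines() if l.strip())
    return rules


def packet(proto, src, dst, sport, dport):
    """Constructed packet header: just the fields the rules look at."""
    return {"proto": proto, "src": src, "dst": dst, "sport": sport, "dport": dport}


def matches(rule, pkt):
    """True when every criterion present in the rule is satisfied by the packet."""
    if rule["proto"] and rule["proto"] != pkt["proto"]:
        return False
    if rule["src"] and ipaddress.ip_address(pkt["src"]) not in rule["src"]:
        return False
    if rule["dst"] and ipaddress.ip_address(pkt["dst"]) not in rule["dst"]:
        return False
    if rule["sport"] and pkt["sport"] not in rule["sport"]:
        return False
    if rule["dport"] and pkt["dport"] not in rule["dport"]:
        return False
    if rule["ports"] and pkt["sport"] not in rule["ports"] and pkt["dport"] not in rule["ports"]:
        return False
    return True


def evaluate(chain, pkt):
    """Walk the chain in order. Returns (final_target, logged): LOG records and
    continues, any other target terminates. Unmatched packets hit the assumed
    ACCEPT policy."""
    logged = False
    for rule in chain:
        if not matches(rule, pkt):
            continue
        if rule["target"] == "LOG":
            logged = True
            continue
        return rule["target"], logged
    return "ACCEPT", logged


FULL_CHAIN = build_chain(NOISY_DROPS, TAIL)  # Stephen's drops, then Frank's rule, LOG, REJECT
FRANK_ONLY = build_chain(TAIL)               # Frank's rule placed directly before LOG

if __name__ == "__main__":
    netbios = packet("udp", "192.168.0.10", "192.168.0.255", 137, 137)
    print("LAN NetBIOS, Frank's rule only:", evaluate(FRANK_ONLY, netbios))  # DROP, not logged
    print("LAN NetBIOS, full chain:      ", evaluate(FULL_CHAIN, netbios))   # DROP, not logged
    outside = packet("udp", "10.0.0.5", "192.168.0.20", 137, 137)
    print("Off-LAN NetBIOS, Frank's only:", evaluate(FRANK_ONLY, outside))   # REJECT, logged
```

Running it shows the answer to Frank's question: with his multiport DROP ahead of the LOG rule, LAN NetBIOS traffic is dropped without a log entry, whereas the same traffic from an address outside 192.168.0.0/24 passes his -s/-d match, reaches LOG and still produces a message; the broader 135:139 drop from the reply silences that case too.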




More information about the Fedora-infrastructure-list mailing list