Network config control by cron

Rick Stevens rstevens at vitalstream.com
Fri Jul 2 18:58:13 UTC 2004


Steve Larsen wrote:
> At 09:35 AM 7/2/2004 -0700, Rick Stevens wrote:
> 
>> Bob McClure Jr wrote:
>>
>>> On Fri, Jul 02, 2004 at 06:52:48AM -0700, Al Gelders wrote:
>>>
>>>> Where do I look to find out how to activate and deactivate my ppp
>>>> network interface using cron?  These days auto disconnect doesn't work
>>>> because my system is getting pinged every few seconds by hackers (I
>>>> presume).
>>>> -- al gelders
>>>> agelders at lightspeed.net
>>>
>>>
>>> How about blocking pings with your firewall?
>>
>>
>> That's one option.  To shut it down via cron, add this to root's
>> crontab:
>>
>>         m h * * * /sbin/ifdown ppp0
>>
>> where "m" = the minute you want it shut down and "h" = the hour you
>> want it down.  E.g. to shut it down at 2:30 p.m.
>>
>>         30 14 * * * /sbin/ifdown ppp0
>> ----------------------------------------------------------------------
>> - Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
>> - VitalStream, Inc.                       http://www.vitalstream.com -
>> -                                                                    -
>> -           grep me no patterns and I'll tell you no lines           -
>> ----------------------------------------------------------------------
> 
> 
> 
> Hi Rick,
> 
> I have a similar question, couldn't he just disable a portion of icmp?
> And if so .. how does that work .. disabling say just ping but leaving
> rlogin or rcp functional? Maybe I'm not asking this correctly, he could
> just comment out those ports and restart his network services, but is
> there a way to just chop out ping or rcp .. etc. ?

In iptables, you can block pings by including a rule in the INPUT chain:

	iptables -A INPUT -p icmp -j DROP

meaning "add a rule to the INPUT chain so that if the protocol is ICMP,
then drop the packet".  You can create additional rules like these to
block and/or allow almost any specific type of packet.

Note that ping (more properly called "ICMP echo"--"ping" is the name
of the program itself) uses the ICMP protocol (separate from TCP or UDP)
and ICMP doesn't use ports.

rlogin, ftp, rcp, ssh, http and most of the rest of the network-based
applications you're familiar with are TCP-based and use ports.  TCP
is also connection-oriented, meaning that TCP guarantees delivery of
packets from one end to the other, in sequence and with error checking
(checksums).

Some other applications you know (DNS, NFS, NTP) are UDP-based and also
use ports.  UDP, however, is connectionless (it does not guarantee
delivery of any given packet in any specific order and the packets are
not error checked).  It is up to the application using UDP to provide
the error checking, packet sequencing and such.

Does that explain it a bit more?
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-    "Hello. My PID is Inigo Montoya.  You `kill -9'-ed my parent    -
-                     process.  Prepare to vi."                      -
----------------------------------------------------------------------
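The single rule above drops every ICMP type, which also silences destination-unreachable and fragmentation-needed messages that TCP relies on. The script below is an added example (not from this thread or from Rick) showing the same idea narrowed to ICMP echo-request, the packet "ping" actually sends, next to a port-based TCP rule for ssh; the ppp0 interface name and port 22 are assumptions.

```shell
#!/bin/sh
# Added example, not from the original thread. Builds a small INPUT policy
# that drops only ICMP echo-request instead of the whole ICMP protocol, so
# error messages such as destination-unreachable still get through.
# Interface name ppp0 and the ssh port are assumptions; adjust as needed.
#
# Usage:  sh ping_filter.sh preview   -> print the iptables commands
#         sh ping_filter.sh apply     -> run them (as root)

# Every rule goes through rule(); DRY_RUN=1 prints instead of applying.
rule() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf 'iptables %s\n' "$*"
    else
        /sbin/iptables "$@"
    fi
}

apply_input_policy() {
    # Traffic on the loopback interface is always fine.
    rule -A INPUT -i lo -j ACCEPT
    # Replies to connections this host started (web, dns, ntp ...) must
    # be let back in, otherwise a default DROP breaks outbound use.
    rule -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # ssh is TCP on port 22: a port-based match, unlike the ICMP rule below.
    rule -A INPUT -i ppp0 -p tcp --dport 22 -j ACCEPT
    # ICMP has no ports; the match is on the ICMP type instead.
    rule -A INPUT -i ppp0 -p icmp --icmp-type echo-request -j DROP
    # Anything not matched above is silently dropped.
    rule -P INPUT DROP
}

case "${1:-}" in
    apply)   apply_input_policy ;;
    preview) DRY_RUN=1; apply_input_policy ;;
esac
```

Run `sh ping_filter.sh preview` first to see the exact commands before applying them as root.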