On Wed, 04 Jun 2003, Lukas Ruf wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hallo * Vittorio <[EMAIL PROTECTED]> [2003-06-04 13:15]:
> >
> > Now I DON'T want that from the outside world, from the Internet via
> > ppp0 someone could access my imap server which is on duty for my
> > internal network only.
> >
> > What IPTABLES lines should I add to my firewall to avoid these
> > intrusions?
> >
>
> iptables -A INPUT -i ppp0 -p TCP --dport imap -j DROP
> iptables -A INPUT -i ppp0 -p TCP --dport imaps -j DROP

I'd do it slightly differently.

First, check in /etc/<package>/ and try to set the daemons up to listen
to only the inside port. If it's started from inetd, look into the
xinetd package.

Then, I'd set up the ip tables to reject, not drop the packets. This is
a personal choice, but IM(very)HO, networks work better when packets
don't disappear into the ether. :)

Just my two cents,

Jesse Meyer

-- 
...crying "Tekeli-li! Tekeli-li!"... ~ HPL
icq : 34583382          | === ascii ribbon campaign ===
msn : [EMAIL PROTECTED] | () - against html mail
yim : tsunad            | /\ - against proprietary attachments
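
The two suggestions in the reply above, as an added example that is not part of the original thread: check which of the IMAP ports are still bound to every interface, then print REJECT rules for ppp0 for exactly those ports. Assumptions: numeric ports 143 (imap) and 993 (imaps), a TCP reset as the reject type, hypothetical function names, and a constructed sample of `ss -ltn` output in place of a live system.

```shell
#!/bin/sh
# Added example: audit listeners, then emit REJECT rules for the outside interface.

# Constructed sample of `ss -ltn` output (not taken from the thread).
sample_ss_output() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:143        0.0.0.0:*
LISTEN 0      128    192.168.1.1:993    0.0.0.0:*
LISTEN 0      128    127.0.0.1:25       0.0.0.0:*
LISTEN 0      128    [::]:993           [::]:*
EOF
}

# Read `ss -ltn` lines on stdin and print each watched port that is bound to a
# wildcard address (0.0.0.0, [::] or *), which means it also answers on ppp0.
# $1 = space-separated ports to watch.
wildcard_listeners() {
    awk -v ports="$1" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 == "LISTEN" {
            addr = $4
            port = addr; sub(/.*:/, "", port)      # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)  # text before the last colon
            if ((port in watch) && (host == "0.0.0.0" || host == "[::]" || host == "*"))
                print port
        }' | sort -un | tr '\n' ' ' | sed 's/ $//'
}

# Print (do not apply) REJECT rules for the given interface and ports.
# $1 = outside interface, $2 = space-separated ports.
reject_rules() {
    for port in $2; do
        echo "iptables -A INPUT -i $1 -p tcp --dport $port -j REJECT --reject-with tcp-reset"
    done
}

# Live use (as root): ss -ltn | wildcard_listeners "143 993"
exposed=$(sample_ss_output | wildcard_listeners "143 993")
echo "bound to all interfaces: $exposed"
reject_rules ppp0 "$exposed"
```

A port that drops out of the first list after the daemon is rebound to the inside address no longer depends on the firewall rule alone.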