On Thu, Dec 21, 2006 at 06:23:55PM +0100, Albert Dengg wrote:
> On Thu, Dec 21, 2006 at 06:52:24PM +0200, Andrei Popescu wrote:
> > On Thu, Dec 21, 2006 at 09:25:44AM -0500, mutsuura wrote:
> > > All
> > >
> > > Another newbie question...
> > >
> > > While browsing my auth.log file, I notice 'many' denial attacks.
> > >
> > > Eg:...
> > >
> > > Dec 17 12:25:37 h-66-166-247-242 sshd[21409]: Illegal user sara from 61.82.25.83
> > > AFAIK there is no default firewall.
> >
> > I always recommend shorewall because it is very powerful, but pretty
> > easy to set up. If you prefer a graphical one then firestarter is also a
> > good choice.
> well, for the typical home user, there is more than enough in the
> default debian install...
>
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
> iptables -A INPUT -i lo -j ACCEPT
> iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
>
> that is normally enough, just put it into a script that gets executed on
> interface activation...

Or just install ipmasq (does IP masquerade and a generic firewall).

Note however, that a firewall is just a last step. You should set ssh to
NOT listen to a public interface unless you need that.

Doug.
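
Added example, not part of the original thread: a small Python summary of the kind of auth.log entries quoted above, counting rejected sshd logins per source address so you can see how much of the noise comes from where. The function names, the threshold and every sample line except the first are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample: line 1 is the entry quoted in the thread, the rest are
# made up (documentation address ranges) to cover other message shapes.
SAMPLE_LOG = """\
Dec 17 12:25:37 h-66-166-247-242 sshd[21409]: Illegal user sara from 61.82.25.83
Dec 17 12:25:40 h-66-166-247-242 sshd[21411]: Illegal user admin from 61.82.25.83
Dec 17 12:25:44 h-66-166-247-242 sshd[21413]: Failed password for root from 61.82.25.83 port 40112 ssh2
Dec 17 13:02:10 h-66-166-247-242 sshd[21502]: Invalid user test from 192.0.2.7
Dec 17 13:02:15 h-66-166-247-242 sshd[21504]: Invalid user x from 203.0.113.9 from 192.0.2.7
Dec 17 13:05:00 h-66-166-247-242 sshd[21510]: Accepted password for alice from 198.51.100.4 port 50022 ssh2
Dec 17 13:06:00 h-66-166-247-242 CRON[21600]: (root) CMD (run-parts /etc/cron.hourly)
"""

# Classic syslog prefix: "Mon DD HH:MM:SS host sshd[pid]: message"
SSHD_LINE = re.compile(r"^\w{3} +\d+ [\d:]{8} \S+ sshd\[\d+\]: (?P<msg>.*)$")
# Older OpenSSH logs "Illegal user", newer logs "Invalid user"; "Failed
# password" covers guesses against accounts that exist. The user name is
# chosen by the remote side and may contain spaces, so the greedy (.*) plus
# the end anchor make the address the one after the LAST " from ".
ATTEMPT = re.compile(
    r"^(?:(?:Illegal|Invalid) user|Failed password for(?: (?:illegal|invalid) user)?) "
    r"(?P<user>.*) from (?P<ip>[0-9a-fA-F.:]+)(?: port \d+)?(?: ssh\d)?$"
)

def summarize(log_text):
    """Return {source_ip: {"count": n, "users": set of names tried}}."""
    stats = defaultdict(lambda: {"count": 0, "users": set()})
    for line in log_text.splitlines():
        m = SSHD_LINE.match(line)
        hit = ATTEMPT.match(m.group("msg")) if m else None
        if hit is None:
            continue  # not sshd, or not a rejected login
        entry = stats[hit.group("ip")]
        entry["count"] += 1
        entry["users"].add(hit.group("user"))
    return dict(stats)

def noisy_sources(log_text, threshold=3):
    """(ip, count) pairs with at least `threshold` rejections, busiest first."""
    counts = ((ip, s["count"]) for ip, s in summarize(log_text).items())
    return sorted((c for c in counts if c[1] >= threshold), key=lambda c: -c[1])

if __name__ == "__main__":
    for ip, info in summarize(SAMPLE_LOG).items():
        print(f"{ip}: {info['count']} rejected, tried {sorted(info['users'])}")
```

To run it over a real log, pass the file contents to summarize(), for example summarize(open("/var/log/auth.log").read()).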