Chris, Chris Rowson wrote:
> Just a quicky. I've been mucking around with iptables for a while, but > I'm still a bit shaky with them. Would anyone mind checking this over > for me please? I'm not sure about how correct these rules are, but have you considered using something like fwbuilder or shorewall to generate the rules for you? And you may want to allow some ICMP stuff through. Depends how visible you want to be on the net! Oh, and if you are allowing ssh, then consider running fail2ban or denyhosts to stop dictionary attacks via ssh, which are very common. Regards, Tony. -- Tony Arnold, Tel: +44 (0) 161 275 6093 Head of IT Security, Fax: +44 (0) 870 136 1004 University of Manchester, Mob: +44 (0) 773 330 0039 Manchester M13 9PL. Email: [EMAIL PROTECTED] -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.org/UKTeam/
