[Linux-Biella] Small problem with IPTables
Luca Bertoncello
linux@ml.bilug.linux.it
Thu, 6 May 2004 09:54 +0200
Hi everyone!
Small problem (is it me or is it IPTables?):
I wrote some IPTables rules to protect a server.
The rules are:
#!/bin/sh
/sbin/iptables -F
/sbin/iptables -A INPUT -d 62.75.208.62 -s lucabert.homelinux.net -p TCP -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -s 202.144.58.98 -j DROP
/sbin/iptables -A INPUT -d 62.75.208.62 -s 213.66.228.229 -j DROP
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -i venet+ -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -s 62.75.208.62 -j ACCEPT
/sbin/iptables -A INPUT -d 127.0.0.1 -s 127.0.0.1 -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -p icmp --icmp-type echo-request -m limit --limit 6/m --limit-burst 5 -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -p tcp -m multiport --dports smtp,domain,http,https -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -p udp -m multiport --dports domain -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -p tcp -s dns.regis.info -m multiport --dports ssh,ftp,10022 -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -p tcp -s www.jia.it -m multiport --dports ssh,ftp,10022 -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -p tcp -s 195.180.115.6 -m multiport --dports ssh,ftp,10022 -j ACCEPT
/sbin/iptables -A INPUT -d 62.75.208.62 -j DROP
Nevertheless, from a completely unrelated machine (the good CMaffio's), an Nmap gives these results:
# nmap 3.48 scan initiated Thu May 6 09:34:45 2004 as: nmap -sS -O -PI -PP -PM -PT -PS -PU -oN lucabert 62.75.208.62
Interesting ports on ns.lucabert.de (62.75.208.62):
(The 1649 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop-3
443/tcp open https
3306/tcp open mysql
Device type: PDA
Running: Linux 2.4.X
OS details: Linux 2.4.6 as on Sharp Zaurus PDA
Uptime 8.711 days (since Tue Apr 27 16:30:53 2004)
# Nmap run completed at Thu May 6 09:35:21 2004 -- 1 IP address (1 host up) scanned in 36.109 seconds
In other words: everything is open and your rules don't count for a damn...
What am I doing wrong? How is it possible that the rules are not being applied?
Bye
Luca
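An added example, not part of Luca's post: a minimal first-match model of the INPUT chain above, assuming external traffic reaches the server on a venet0 interface (as on an OpenVZ/Virtuozzo container; the post does not say this). It shows that a blanket `-i venet+ -j ACCEPT` placed before the final DROP decides the verdict for a scanner's packet, and what the same chain does once that rule is removed. Hostnames from the post are replaced by placeholder addresses, and the icmp limit rule is left out.

```python
from fnmatch import fnmatch

EXT_IP = "62.75.208.62"
# Constructed subset of the post's INPUT chain, in the original order.
# Each rule is (criteria, verdict); a missing key means "any".
RULES = [
    ({"dst": EXT_IP, "src": "203.0.113.10", "proto": "tcp"}, "ACCEPT"),  # placeholder for lucabert.homelinux.net
    ({"dst": EXT_IP, "src": "202.144.58.98"}, "DROP"),
    ({"dst": EXT_IP, "src": "213.66.228.229"}, "DROP"),
    ({"iface": "lo"}, "ACCEPT"),
    ({"iface": "venet+"}, "ACCEPT"),  # matches every venet* interface, any source, any port
    ({"dst": EXT_IP, "proto": "tcp", "dport": {25, 53, 80, 443}}, "ACCEPT"),
    ({"dst": EXT_IP, "proto": "udp", "dport": {53}}, "ACCEPT"),
    ({"dst": EXT_IP, "proto": "tcp", "src": "195.180.115.6", "dport": {21, 22, 10022}}, "ACCEPT"),
    ({"dst": EXT_IP}, "DROP"),
]

def iface_match(pattern, iface):
    # iptables treats a trailing '+' as a wildcard, like fnmatch's '*'
    return fnmatch(iface or "", pattern.replace("+", "*"))

def rule_matches(crit, pkt):
    for key, want in crit.items():
        have = pkt.get(key)
        if key == "iface":
            if not iface_match(want, have):
                return False
        elif key == "dport":
            if have not in want:
                return False
        elif have != want:
            return False
    return True

def verdict(pkt, rules=RULES):
    """Return (rule_index, verdict) for the first matching rule, else (None, 'POLICY')."""
    for i, (crit, action) in enumerate(rules):
        if rule_matches(crit, pkt):
            return i, action
    return None, "POLICY"  # chain policy applies (ACCEPT unless -P INPUT DROP was set)

# Constructed scanner packet to the MySQL port that nmap reported as open.
scan = {"iface": "venet0", "src": "198.51.100.7", "dst": EXT_IP, "proto": "tcp", "dport": 3306}
print(verdict(scan))  # (4, 'ACCEPT'): the venet+ rule wins before the final DROP is reached

# Same chain without the blanket interface rule: the packet falls through to the final DROP.
WITHOUT_VENET = [r for r in RULES if r[0].get("iface") != "venet+"]
print(verdict(scan, WITHOUT_VENET))  # (7, 'DROP')
```

On the real box, `iptables -L INPUT -v -n --line-numbers` shows per-rule packet counters, which reveal the same thing: the counter on the interface rule climbs while the final DROP stays at zero.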