[BlueOnyx:01047] Re: Iptables
Greg Kuhnert
greg.kuhnert at theanchoragesylvania.com
Fri Apr 10 17:21:24 -05 2009
OK. Point taken. I was assuming that since Richard did not know about
why it was blocked that he probably didn't create the rules :)
But on the topic of blocking attacks... there are some attacks that DFix
blocks that cannot be blocked by IPTables recent modules. For example,
some of the RFI checks.
Regards,
Greg.
--
+---------------------------------------------------------------------+
| / \ Greg Kuhnert, gkuhnert at compassnetworks.com.au |
| < o > Compass Networks - Pointing you in the right direction |
| \ / Check out our website for NuOnce module support. |
+---------------------------------------------------------------------+
Stephanie Sullivan wrote:
>> iptables itself does not block anything.
>>
> Huh? If one does not setup any rules I guess that's true.
>
> If you have setup rules iptables can do quite a lot - including blocking
> brute force attacks pretty effectively!
>
> Thanks,
> -Stephanie
>
>
>> -----Original Message-----
>> From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-
>> bounces at blueonyx.it] On Behalf Of Greg Kuhnert
>> Sent: Friday, April 10, 2009 10:44 AM
>> To: BlueOnyx General Mailing List
>> Subject: [BlueOnyx:01037] Re: Iptables
>>
>> Hi Richard...
>>
>> iptables itself does not block anything. Did you get any alerts from
>> other apps in your inbox? DenyHosts and dfix both alert you of any
>> actions taken. The log file will help you to pinpoint the cause of
>> the
>> dynamic firewall rules.
>>
>> Regards,
>> Greg.
>>
>> --
>> +--------------------------------------------------------------------
>> -+
>> | / \ Greg Kuhnert, gkuhnert at compassnetworks.com.au
>> |
>> | < o > Compass Networks - Pointing you in the right direction
>> |
>> | \ / Check out our website for NuOnce module support.
>> |
>> +--------------------------------------------------------------------
>> -+
>>
>>
>>
>>
>>
>> Richard Sidlin wrote:
>>
>>> I have (another) little issue. One of the servers on my Lan has
>>>
>> been
>>
>>> listed in the iptables and is blocking it. If I remove it and do
>>> service iptables save and restart, it is OK again for about 30
>>>
>> seconds
>>
>>> and then gets blocked again.
>>>
>>> is there a way to say put exceptions in so that cerain IP's don't
>>>
>> get
>>
>>> blocked at all.
>>>
>>> Thanks
>>> -------------------------------------------------------------------
>>>
>> -----
>>
>>> _______________________________________________
>>> Blueonyx mailing list
>>> Blueonyx at blueonyx.it
>>> http://www.blueonyx.it/mailman/listinfo/blueonyx
>>>
>>>
>> _______________________________________________
>> Blueonyx mailing list
>> Blueonyx at blueonyx.it
>> http://www.blueonyx.it/mailman/listinfo/blueonyx
>>
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at blueonyx.it
> http://www.blueonyx.it/mailman/listinfo/blueonyx
>
More information about the Blueonyx
mailing list