To turn IPTABLES on every boot automaticaly:
/sbin/chkconfig iptables on
To check status IPTABLES: iptables -L
To delete all parameters in IPTABLES: iptables -D
# Drop ICMP echo-request messages sent to broadcast or multicast addresses
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
# Drop source routed packets
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
# Enable TCP SYN cookie protection from SYN floods
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
# Reject ICMP redirect messages, system will not reply when get ping
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
# Reject ICMP redirect messages
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
# Enable source address spoofing protection, any package that pretend from internal network will be rejected
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
# Log packets with impossible source addresses
echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
Read more. Lanjutkan!
No comments:
Post a Comment