[ILUG] Am I being persecuted?
Timothy Murphy
tim at birdsnest.maths.tcd.ie
Tue Oct 19 13:37:33 IST 2004
On Tuesday 19 October 2004 13:12, Barry O'Donovan wrote:
> > Will they be able to get past my firewall?
> > (I'm running the standard shorewall setup.)
>
> If you have those log messages they already are past your firewall.
> Either it's not running, it's not configured properly or you've
> configured it to allow SSH access through.
That is what I thought.
However, I just followed the model in the shorewall "two-interfaces" setup.
I must say I don't understand the resulting iptables listing:
=======================================
[root@alfred shorewall]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            LOG level warning
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:time
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:time

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
=======================================
This seems very open to me.
--
Timothy Murphy
e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
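
Added example, not part of the original post: plain `iptables -L` does not print the in/out interface columns, so rules bound to different interfaces show up as identical "anywhere anywhere" lines. The sketch below audits `iptables-save` style text instead, reporting chains that accept everything by policy and separating ACCEPT rules that carry no interface or address match from those that do; the sample ruleset and the interface names eth0/eth1 are constructed assumptions.

```python
import shlex

# Constructed iptables-save style sample (not taken from the post): same
# shape as the listing above, with assumed interface names eth0 and eth1.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -j LOG --log-level 4
-A FORWARD -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -o eth0 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""

# -i/-o are not shown by plain `iptables -L`; absent -s/-d print as "anywhere".
SCOPE_FLAGS = {"-i", "-o", "-s", "-d"}

def audit(ruleset):
    """Return (open_chains, unscoped_accepts, scoped_accepts) for a ruleset."""
    policies, rule_count = {}, {}
    unscoped, scoped = [], []
    for line in ruleset.splitlines():
        if line.startswith(":"):                  # ":CHAIN POLICY [pkts:bytes]"
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
            rule_count.setdefault(chain, 0)
        elif line.startswith("-A "):              # "-A CHAIN <matches> -j TARGET"
            tok = shlex.split(line)
            chain = tok[1]
            rule_count[chain] = rule_count.get(chain, 0) + 1
            if "-j" in tok and tok[tok.index("-j") + 1] == "ACCEPT":
                (scoped if SCOPE_FLAGS & set(tok) else unscoped).append(line)
    # A chain with policy ACCEPT and no rules accepts every packet it sees.
    open_chains = sorted(c for c, p in policies.items()
                         if p == "ACCEPT" and rule_count[c] == 0)
    return open_chains, unscoped, scoped

if __name__ == "__main__":
    open_chains, unscoped, scoped = audit(SAMPLE)
    print("chains that accept everything by policy:", open_chains)
    print("ACCEPT rules with no interface/address match:", unscoped)
    print("ACCEPT rules scoped by interface/address:", len(scoped))
```

On a live system the same information is visible with `iptables -L -n -v` or by feeding the output of `iptables-save` to `audit()`.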