IPtables - Working with Modules
The goal of this article is to show how to extend IPtables with modules in order to build a well-designed firewall that
meets your needs.
By: Profile removed on 02/03/2012
Qua Fev 22 13:42:37 BRT 2012
ssh: connect to host 192.168.20.10 port 22: Connection refused
Chain INPUT (policy ACCEPT 1298 packets, 213K bytes)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:63000 recent: SET name: openssh side: source
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 recent: UPDATE name: openssh side: source
1 60 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 reject-with icmp-port-unreachable
Qua Fev 22 14:12:08 BRT 2012
Trying 192.168.20.10...
telnet: Unable to connect to remote host: Connection refused
Chain INPUT (policy ACCEPT 89 packets, 11250 bytes)
pkts bytes target prot opt in out source destination
1 60 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:63000 recent: SET name: openssh side: source reject-with icmp-port-unreachable
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 recent: UPDATE name: openssh side: source
1 60 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 reject-with icmp-port-unreachable
src=192.168.20.20 ttl: 64 last_seen: 1051576 oldest_pkt: 1 1051576
Qua Fev 22 14:15:39 BRT 2012
edson@192.168.20.10's password:
Last login: Tue Feb 21 23:50:31 2012 from abrtop.local
Qua Fev 22 14:16:10 BRT 2012
ssh: connect to host 192.168.20.10 port 22: Connection refused
Chain INPUT (policy ACCEPT 422 packets, 52871 bytes)
pkts bytes target prot opt in out source destination
1 60 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:63000 recent: SET name: openssh side: source reject-with icmp-port-unreachable
18 2797 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 recent: UPDATE name: openssh side: source
2 180 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 reject-with icmp-port-unreachable
src=192.168.20.20 ttl: 64 last_seen: 1117918 oldest_pkt: 18 1051576, 1117174, 1117174, 1117178, 1117178, 1117178, 1117178, 1117182, 1117189, 1117199, 1117199, 1117291, 1117790, 1117801, 1117801, 1117804, 1117808, 1117918
Qua Fev 22 19:29:17 BRT 2012
ssh: connect to host 192.168.20.10 port 22: Connection refused
Chain INPUT (policy ACCEPT 34 packets, 4200 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state RELATED,ESTABLISHED
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:558 recent: SET name: timessh side: source reject-with icmp-port-unreachable
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x17/0x02 recent: UPDATE seconds: 30 hit_count: 2 name: timessh side: source
1 60 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 reject-with icmp-port-unreachable
Qua Fev 22 19:30:18 BRT 2012
Trying 192.168.20.10...
telnet: Unable to connect to remote host: Connection refused
Qua Fev 22 19:30:30 BRT 2012
ssh: connect to host 192.168.20.10 port 22: Connection refused
Chain INPUT (policy ACCEPT 90 packets, 11028 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state RELATED,ESTABLISHED
1 60 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:558 recent: SET name: timessh side: source reject-with icmp-port-unreachable
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x17/0x02 recent: UPDATE seconds: 30 hit_count: 2 name: timessh side: source
2 120 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 reject-with icmp-port-unreachable
Qua Fev 22 19:30:36 BRT 2012
Trying 192.168.20.10...
telnet: Unable to connect to remote host: Connection refused
Qua Fev 22 19:30:38 BRT 2012
edson@192.168.20.10's password:
Last login: Wed Feb 22 19:18:27 2012 from abrtop.local
Chain INPUT (policy ACCEPT 104 packets, 12463 bytes)
pkts bytes target prot opt in out source destination
16 2737 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state RELATED,ESTABLISHED
2 120 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:558 recent: SET name: timessh side: source reject-with icmp-port-unreachable
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x17/0x02 recent: UPDATE seconds: 30 hit_count: 2 name: timessh side: source
2 120 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 reject-with icmp-port-unreachable
src=192.168.20.20 ttl: 64 last_seen: 5841279 oldest_pkt: 2 5836616, 5841279
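For auditing the lists under /proc/net/xt_recent/, the following added example (not part of the original article) parses entries in the format shown above and checks how many recorded timestamps fall inside the `seconds: 30 hit_count: 2` window of the `timessh` rule. It assumes the timestamps are jiffies at HZ=1000 and ignores jiffies wraparound; the function names are hypothetical.

```python
import re

HZ = 1000  # assumption: kernel tick rate (CONFIG_HZ); verify on the real host

# Entries copied from the xt_recent listings shown on this page.
SAMPLE = """\
src=192.168.20.20 ttl: 64 last_seen: 1051576 oldest_pkt: 1 1051576
src=192.168.20.20 ttl: 64 last_seen: 5841279 oldest_pkt: 2 5836616, 5841279
"""

ENTRY_RE = re.compile(
    r"src=(?P<src>\S+)\s+ttl:\s*(?P<ttl>\d+)\s+last_seen:\s*(?P<last>\d+)"
    r"\s+oldest_pkt:\s*(?P<idx>\d+)(?P<stamps>[\d,\s]*)$"
)


def parse_entry(line):
    """Turn one xt_recent line into a dict; raise ValueError on unknown layout."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        raise ValueError("unrecognised xt_recent entry: %r" % line)
    # Timestamps are comma separated; tolerate a trailing comma.
    stamps = [int(s) for s in m.group("stamps").replace(",", " ").split()]
    return {"src": m.group("src"), "ttl": int(m.group("ttl")),
            "last_seen": int(m.group("last")), "stamps": stamps}


def hits_in_window(entry, seconds, now=None, hz=HZ):
    """Count timestamps no older than `seconds` before `now` (in jiffies).

    `now` defaults to the entry's last_seen, i.e. the state at the last packet.
    """
    now = entry["last_seen"] if now is None else now
    cutoff = now - seconds * hz
    return sum(1 for s in entry["stamps"] if s >= cutoff)


def would_match(entry, seconds, hit_count, now=None, hz=HZ):
    """True when the entry has at least `hit_count` hits inside the window."""
    return hits_in_window(entry, seconds, now, hz) >= hit_count


if __name__ == "__main__":
    for raw in SAMPLE.splitlines():
        e = parse_entry(raw)
        print(e["src"], hits_in_window(e, 30), would_match(e, 30, 2))
```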
filename:       /lib/modules/2.6.29.4-167.fc11.i686.PAE/kernel/net/netfilter/xt_recent.ko
alias:          ip6t_recent
alias:          ipt_recent
license:        GPL
description:    Xtables: "recently-seen" host matching for IPv4
author:         Jan Engelhardt
author:         Patrick McHardy
srcversion:     0CA8710587603DFF5C5923B
depends:
vermagic:       2.6.29.4-167.fc11.i686.PAE SMP mod_unload 686
parm:           ip_list_tot:number of IPs to remember per list (uint)
parm:           ip_pkt_list_tot:number of packets per IP to remember (max. 255) (uint)
parm:           ip_list_hash_size:size of hash table used to look up IPs (uint)
parm:           ip_list_perms:permissions on /proc/net/xt_recent/* files (uint)
parm:           ip_list_uid:owner of /proc/net/xt_recent/* files (uint)
parm:           ip_list_gid:owning group of /proc/net/xt_recent/* files (uint)