RE: Basic rules for IPTABLES protection
From: "Michael Sconzo" <msconzo () tamu edu>
Date: Mon, 25 Nov 2002 16:38:49 -0600
You should block ALL private IP ranges, both ingress and egress from
This also entails 192.168.0.0/16 and 172.16.0.0/12 including the
10.0.0.0/8. Other good things to block:
Internal IPs on the external interface
127.0.0.0/8 (loopback) on internal or external interfaces
You could also filter ICMP inbound and outbound
Also, make sure to only allow the necessary inbound/outbound ports.
A good rule of thumb is that which is not explicitly allowed should
This is by no means a comprehensive list of things to filter, but it's
a good starting set.
-----Original Message-----
From: Erick Arturo Perez Huemer [mailto:eperez () compuservice net]
Sent: Saturday, November 23, 2002 12:28 AM
To: security-basics () securityfocus com
Subject: Basic rules for IPTABLES protection
I am about to install a RedHat 8.0 box with iptables to act as our
firewall for our internal network that consists of 20 machines.
Besides doing a -j drop on our external interface when receives a
with source equal to our internal network, what other measures we
We do host an SMTP server but nothing else. I have read about
10.x.x.x addresses but also read that "some" routers/sites use those
addresses. Any anti-DoS rules? More settings?
Or maybe a link to a site that offers suggestions for proper firewall
Thanks in advance,
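As an added example (not code from either message in the thread), here is a POSIX sh script that emits the rule set the reply describes, applied to the setup in the question: RFC 1918 and loopback space dropped on the outside interface in both directions, the LAN's own addresses dropped as a source on the outside interface, default-deny policies, and only SMTP allowed in. Assumed names: eth0 is the external interface, eth1 the internal one, 192.168.1.0/24 the LAN, and the SMTP server runs on the firewall host itself; with IPT unset the script only prints the iptables commands.

```shell
#!/bin/sh
# Added example, not from the list post. Assumed: eth0 external, eth1 internal,
# LAN 192.168.1.0/24 (constructed), SMTP on the firewall host. Set IPT=iptables
# to apply as root; by default the commands are only printed (dry run).
IPT="${IPT:-echo iptables}"
EXT_IF="${EXT_IF:-eth0}"
INT_IF="${INT_IF:-eth1}"
LAN="${LAN:-192.168.1.0/24}"

# RFC 1918 space: must never arrive on, or leave through, the outside interface.
PRIVATE="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"

# Emit one DROP rule per range: $1 chain, $2 iface flag, $3 iface, $4 addr flag, $5 ranges
drop_ranges() {
  for net in $5; do
    $IPT -A "$1" "$2" "$3" "$4" "$net" -j DROP
  done
}

firewall_rules() {
  # Default deny: whatever is not explicitly allowed is dropped.
  $IPT -P INPUT DROP
  $IPT -P FORWARD DROP
  $IPT -P OUTPUT DROP
  # 127/8 is legitimate only on lo; drop it on both real interfaces.
  $IPT -A INPUT -i lo -j ACCEPT
  $IPT -A OUTPUT -o lo -j ACCEPT
  drop_ranges INPUT -i "$EXT_IF" -s 127.0.0.0/8
  drop_ranges INPUT -i "$INT_IF" -s 127.0.0.0/8
  # Ingress: private source addresses coming from the outside.
  drop_ranges INPUT   -i "$EXT_IF" -s "$PRIVATE"
  drop_ranges FORWARD -i "$EXT_IF" -s "$PRIVATE"
  # Anti-spoof: our own LAN as source on the external interface.
  drop_ranges INPUT   -i "$EXT_IF" -s "$LAN"
  drop_ranges FORWARD -i "$EXT_IF" -s "$LAN"
  # Egress: nothing destined for private space leaves through the outside.
  drop_ranges OUTPUT  -o "$EXT_IF" -d "$PRIVATE"
  drop_ranges FORWARD -o "$EXT_IF" -d "$PRIVATE"
  # Only the needed service: SMTP to this host, stateful so replies get out.
  $IPT -A INPUT  -i "$EXT_IF" -p tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
  $IPT -A OUTPUT -o "$EXT_IF" -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT
  # LAN hosts may initiate outbound; only replies are forwarded back in.
  $IPT -A FORWARD -i "$INT_IF" -o "$EXT_IF" -s "$LAN" -m state --state NEW,ESTABLISHED -j ACCEPT
  $IPT -A FORWARD -i "$EXT_IF" -o "$INT_IF" -d "$LAN" -m state --state ESTABLISHED -j ACCEPT
}

# Number of DROP rules the dry run emits; a quick sanity check before applying.
count_drops() {
  firewall_rules | grep -c -- '-j DROP'
}
```

Run it once with IPT unset and read the printed rules before pointing IPT at the real binary.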