Re: attempts to hack in?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 06/29/2017 07:56 PM, Doug wrote:


On 06/29/2017 09:40 PM, Mike Wright wrote:

On 06/29/2017 06:48 PM, Doug wrote:


On 06/29/2017 08:32 PM, JD wrote:



On 06/29/2017 07:10 PM, jdow wrote:
iptables -t filter -A IN_public_deny -p tcp --dport pop3s --syn -m recent --name pop3s_attack --rcheck --seconds 90 --hitcount 2 -j LOG --log-prefix 'SSH2 REJECT: ' --log-level info 
My iptables replied:
iptables: No chain/target/match by that name.

How is it created?


How is WHAT created? I'm snowed!


Hi Doug,
Since firewalld didn't recognize that chain I'm starting to wonder if you are even running a firewall on your system which, if not, puts your system at great risk.
As root type "iptables-save". If you get a lot of output you have some sort of firewalling in place. If there is nothing there or only the two rules I provided earlier you do not have a safe machine because there are no firewall rules in place. If that is indeed the case you need to search for how to turn on a firewall on fedora and make that your priority.
I have no firewall. What I want is something like Windows has: Bitdefender, or Malware Bytes. If I turn on any of the suggested firewalls, something that I use will probably be blocked--email, Google, something. Sorry I'm just too stupid to understand this. I don't normally ever boot into Windows, but I have it on a couple 
of machines--not this one.
How do you use this machine? Do you run it from the keyboard or do you log into it from a different machine? Is your mail on a remote machine like at gmail or yahoo?
If those answers are yes here is a very minimal firewall that will let you go out to anywhere you want, will only allow return traffic from connections you started, and will block every attempt from everywhere trying to establish a new connection from them onto your machine, except for ping. 

Save the following into a file such as "myfirewall".

*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

Empty any old rules from the kernel firewall:

iptables -F

Load the firewall rules into the kernel (as root):

iptables-restore < myfirewall
To see what the kernel firewalls are (including the defaults you didn't add) (as root): 

iptables-save
Bare minimum but I use that on everything before I connect it to the internet. 
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux