Re: Block network at logoff on workstation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Wed, Feb 3, 2010 at 9:36 PM, David McGuffey
<davidmcguffey@xxxxxxxxxxx> wrote:
> I'm trying to reduce the attack surface to a home machine that is always
> on and connected to the Internet.  It is running CentOS 5.4, with tight
> iptables rules and sits behind a Verizon FiOS firewall/switch also
> configured with tight rules.
>
> I was wondering how to best block all network access to it when I log
> off...then unblock it when I log on. Changing iptables requires root
> access...as does running ifdown and ifup scripts.
>
> I could change the permissions on ifdown and ifup and run them from the
> login/logout scripts, but I'd prefer not to do that.

Many window managers can run scripts on login and logout. You could
create a script uses sudo to enable/disable the interface then run it
on login/logout.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux