Tue, 22 Oct 2002 17:42:45 +0200, you said:

> Hi Everyone,
> Just a question:
> I want to set up a firewall box with iptables in which I can use nmap.
> Which ports/protocols can I set to ACCEPT and which to DROP?

I advise you to set the policy at DROP, and to accept:

* RELATED, ESTABLISHED packets
* NEW packets on the ports you _need_ to open (80 if you host a web server, 22 if you want to allow remote login using ssh and so on).
* ICMP echo-request packets

This is a basic and a simple firewall and should be a good start.

-- 
Gael Le Mignot "Kilobug" - kilobug@freesurf.fr - http://kilobug.free.fr
GSM : 06.71.47.18.22 (in France) ICQ UIN : 7299959
Fingerprint : 1F2C 9804 7505 79DF 95E6 7323 B66B F67B 7103 C5DA
Member of HurdFr: http://hurdfr.org - The GNU Hurd: http://hurd.gnu.org
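
The policy advised in the reply above, written as a generator for an `iptables-restore` ruleset (an added example, not part of the original message). The loopback rule, the ACCEPT policy on OUTPUT (so that scans started on the box itself can leave), the use of the `conntrack` match, and the function names `valid_port` and `gen_rules` are assumptions of this example.

```shell
#!/bin/sh
# Added example: build the filter table for "policy DROP, accept
# RELATED/ESTABLISHED, NEW on needed ports, ICMP echo-request".
# Typical use (as root): gen_rules 22 80 | iptables-restore --test

# valid_port PORT: succeeds only for a plain decimal integer in 1..65535.
# Rejecting everything else keeps shell or rule syntax out of the ruleset.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules PORT...: prints the ruleset; returns 1 and prints nothing
# to stdout if any port is invalid, so a partial ruleset is never emitted.
gen_rules() {
    for p in "$@"; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    # Assumption: outbound traffic from the firewall box itself is allowed.
    echo ':OUTPUT ACCEPT [0:0]'
    # Assumption: local processes may talk over loopback.
    echo '-A INPUT -i lo -j ACCEPT'
    # Replies to connections the box opened, and related ICMP errors.
    echo '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
    # New inbound connections only on the ports that are actually needed.
    for p in "$@"; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
    echo 'COMMIT'
}

# When run directly with port arguments, print the ruleset.
if [ "$#" -gt 0 ]; then
    gen_rules "$@"
fi
```

On kernels from the period of the original message, `-m state --state` is the equivalent of `-m conntrack --ctstate`.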