On 23/01/03 Ralph Churchill did say:

> I work at a large company and was having some fellow
> employees regularly scanning my box... so I put up a
> little firewall. Here's my one and only rule:
>
> iptables -A INPUT --source 192.168.0.0/16 -j DROP
>
> Now, shouldn't that block any and ALL traffic from any
> computer on the 192.168.*.* subnet? Do I need to be
> more explicit? I also have snort running and I see
> some stuff getting through... Thanks.

You'll see it with a sniffer regardless. That's a good thing. If you
want to see what it's dropping, jump to a chain that logs it, and then
drops it.

Mike

-- 
Michael P. Soulier <michael_soulier@mitel.com>, 613-592-2122 x2522
SME Solutions, Mitel Networks Corporation
"...the word HACK is used as a verb to indicate a massive amount
of nerd-like effort."  -Harley Hahn, A Student's Guide to Unix
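
The log-then-drop chain suggested in the reply, written out as an added example that is not part of the original thread. The chain name `LOGDROP`, the log prefix and the rate limit are assumptions; the script only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example (not from the thread): log-then-drop chain for the quoted rule.
# Assumptions: chain name LOGDROP, log prefix, and the 5/min rate limit.
# Dry run by default: commands are printed. Set APPLY=1 as root to install.

SRC="${SRC:-192.168.0.0/16}"   # source range from the quoted rule
CHAIN="${CHAIN:-LOGDROP}"      # hypothetical chain name

# Execute the command when APPLY=1, otherwise print it (arguments unquoted).
run() {
    if [ "${APPLY:-0}" = "1" ]; then
        "$@"
    else
        printf '%s\n' "$*"
    fi
}

install_logdrop() {
    src="$1"; chain="$2"
    # Basic sanity check: only digits, dots and a slash in the source range.
    case "$src" in
        ""|*[!0-9./]*) echo "bad source range: $src" >&2; return 1 ;;
    esac
    # User-defined chain holding the LOG + DROP pair.
    run iptables -N "$chain" || return 1
    # LOG is non-terminating, so the packet falls through to the next rule.
    # The limit match keeps a port scan from flooding syslog.
    run iptables -A "$chain" -m limit --limit 5/min --limit-burst 10 \
        -j LOG --log-prefix "$chain: " --log-level info || return 1
    # Everything that reaches this chain is dropped, logged or not.
    run iptables -A "$chain" -j DROP || return 1
    # Send matching traffic to the chain instead of straight to DROP.
    run iptables -A INPUT --source "$src" -j "$chain"
}

install_logdrop "$SRC" "$CHAIN"
```

If the original `-j DROP` rule is still in INPUT, delete it first (`iptables -D INPUT --source 192.168.0.0/16 -j DROP`), because it matches before the appended jump and nothing would reach the logging chain.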