Hi Steve,

If you have been hacked, then at least you have taken the necessary first step by shutting down, but it doesn't appear like you have cleaned your system or reinstalled it. I would do that before anything else, to ensure that I have _no_ bad dudes left on my machine. Then secondly, I would patch the server with all relevant patches.

Secondly, your script is very IP-centric; all destinations for everything are based on IPs. Why don't you try to simplify your script, so it only meets your explicit demands? First of all, you could disallow packets from the Internet to the INPUT chain and only accept FORWARD packets which are related/established from inside.

Finally, if you have an immediate problem, try to make a script that restarts your Internet connection and put the firewall script into this, so your firewall is being restarted as well.

No matter what, please give some ideas about your network setup - it will help with understanding how we can help you.

/Kim

On Saturday 29 March 2003 09:09, Steve Quartly wrote:
> Hi,
>
> A week ago I put a dedicated server on the internet. 2
> days ago a hacker got into my system and caused many
> problems through a security flaw in the version of SSH
> I am running. Last night he tried again, however I
> locked the machine down so even I couldn't get into
> it, and he had no success.
>
> I have now changed over to giptables (which is great)
> but I have a few problems.
>
> If I connect to my server, run the firewall,
> everything is ok. I can look at webpages, SSH, etc
> from my home system. If I shut down my home system, and
> re-dial to the net, the firewall blocks everything! I
> can't even ping my server. My parents' computer can't
> access my server either. This is very frustrating, can
> anybody please help me here. I suspect that DNS is
> being blocked?
>
> I have attached my firewall script.
>
> If anyone could give me some guidance I'd be very
> grateful.
>
> Thanks,
>
> Steve Q.