On Tuesday 20 September 2005 09:10, P theodorou wrote:
> now regarding icmp packets . Is it
> applicable to drop inbound echo requests (so otherts cannot see me )
This is a policy question, not, strictly speaking, an iptables /
netfilter issue. Personally I don't see much point in hiding. It's a
knee-jerk insecurity reaction of people who don't understand what makes
(or breaks) security.
You will of course avoid some ping sweeps if you do that, and some of
those ping sweeps may in fact be preludes to lame attack attempts.
> but i will be able to send icmo echo request to WEB and receive
> replies too .
Yes, if your rules permit. Typically you use a rule like "-m state
--state RELATED,ESTABLISHED -j ACCEPT" to allow your replies back in.
Whether that goes in INPUT or FORWARD depends on the network layout.
(Generally goes in both.)
Um, "Web" is a term which refers to HTTP. HTTP is a high-level protocol
which runs over TCP. ICMP has nothing to do with HTTP, except that both
happen to use TCP/IP.
> Sorry if it looks very basic but im confused
I think what you need most is basic TCP/IP understanding. Where to
start, to find that? I'm not sure. Rusty wrote a basic networking
HOWTO, the specific name of which I can't recall, but it's among the
netfilter.org HOWTOs.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
