SSH fails on 22 - Restrictive rules


 



Hello

I'm testing my SSH server from an external IP (my mate's PC)
and I've noticed that whenever I allow connections on eth0 with dport 22
I can see the username login page, BUT if I apply the following rules,
the usual user name cannot be displayed:

$IPTABLES -A TCPbad -p tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW -j REJECT --reject-with tcp-reset
$IPTABLES -A TCPbad -p tcp ! --syn -m state --state NEW -j DROP # DROP NEW NOT SYN
$IPTABLES -A TCPbad -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP #DROP SYN-FIN SCANS
$IPTABLES -A TCPbad -p tcp --tcp-flags SYN,RST SYN,RST -j DROP #DROP SYN-RST SCANS
$IPTABLES -A TCPbad -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP #DROP X-MAS SCANS
$IPTABLES -A TCPbad -p tcp --tcp-flags ALL FIN -j DROP #DROP NMAP FIN SCAN
$IPTABLES -A TCPbad -p tcp --tcp-flags ALL NONE -j DROP #DROP NULL SCANS
$IPTABLES -A TCPbad -p tcp --tcp-flags ALL ALL -j DROP #DROP ALL/ALL SCANS

Any help is very much appreciated.



