If you intend to monitor only, set OUTPUT and FORWARD chains to DROP. Otherwise you can't firewall. Make sure your monitoring software is up to date, as vulnerabilities on it will be the biggest issue.

Regards,
Tyler

Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote:

Hi Everyone,

Currently, I use ebtables and iptables to secure my servers. It would be appreciated if someone could please give me some advice on what the best settings are for using a network port in promiscuous mode for network monitoring *only*. I.e. I do not want any of this traffic to be able to access anything on my server.

Thanks

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
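
One way to confine a sniff-only port with iptables, ip6tables and ebtables, as an added example that is not part of the original thread. It scopes the drops to the monitoring interface instead of changing whole-chain policies; the function names, the `MONITOR_IF` and `APPLY` variables and the interface name `eth1` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): lock down a sniff-only interface.
# Function and variable names here are hypothetical.

# Print the commands that isolate interface $1 from the local stack.
monitor_only_cmds() {
    ifc=$1
    # Accept only simple names (eth1, ens3f0, mon-0); reject anything that
    # could be read as an option or inject extra shell words.
    case $ifc in
        ''|[!A-Za-z0-9]*|*[!A-Za-z0-9_-]*)
            echo "invalid interface name: $ifc" >&2
            return 1 ;;
    esac
    # No addresses, no ARP replies, no IPv6 autoconfiguration on the tap port.
    echo "ip addr flush dev $ifc"
    echo "ip link set dev $ifc arp off promisc on up"
    echo "sysctl -w net.ipv6.conf.$ifc.disable_ipv6=1"
    # Drop everything that arrives on, is routed/bridged through, or would
    # leave via the monitoring port. The ebtables rules only matter when the
    # port is enslaved to a bridge.
    for tool in iptables ip6tables ebtables; do
        echo "$tool -I INPUT -i $ifc -j DROP"
        echo "$tool -I FORWARD -i $ifc -j DROP"
        echo "$tool -I FORWARD -o $ifc -j DROP"
        echo "$tool -I OUTPUT -o $ifc -j DROP"
    done
}

# Dry run by default: print the plan. With APPLY=1 (as root) execute it.
apply_monitor_only() {
    monitor_only_cmds "$1" | while read -r line; do
        if [ "${APPLY:-0}" = 1 ]; then
            $line || exit 1
        else
            echo "$line"
        fi
    done
}

# Stand-alone use: MONITOR_IF=eth1 sh this-script.sh
if [ -n "${MONITOR_IF:-}" ]; then
    apply_monitor_only "$MONITOR_IF"
fi
```

Capture tools that read through packet sockets (tcpdump and other libpcap-based monitors) receive frames before the netfilter hooks run, so these DROP rules keep the traffic away from local services without hiding it from the monitor.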