Hi
Just deny the all default policies like
iptables -P INPUT DROP
Then allow the internal users to connect to it.
Regards
Dharmendra.T
Linux Security Expert
----- Original Message -----
From: "paras" <paras@bajranet.com.np>
To: <security-discuss@linuxsecurity.com>
Sent: Thursday, December 19, 2002 6:14 PM
Subject: netbios-ssn
> hi all
>
> I have samba server running as a domain controller for my company.
> now i want this server to be secure. how do i make DROP or DNEY to outside
> world and allow for my internal users. i did as:
>
> iptables -A INPUT -s 198.168.2.0 -p tcp --destination-port 139 -j ACCEPT
> iptables -A INPUT -s 0.0.0.0 -p tcp --destination-port 139 -j DROP
> iptables -A INPUT -s 198.168.2.0 -p udp --destination-port 139 -j ACCEPT
> iptables -A INPUT -s 0.0.0.0 -p udp --destination-port 139 -j DROP
>
>
> where 192.168.2.0 is my internal network.
>
>
> I am not sure wheather this is working or not.how can test this?. is there
> any better way to be more secure to this port netbios-ssn.?
>
>
> Thanks
> Paras.
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
>
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
