iptables -P INPUT DROP
iptables -A INPUT -s 198.168.2.0 -p tcp --destination-port 139 -j ACCEPT
iptables -A INPUT -s 198.168.2.0 -p udp --destination-port 139 -j ACCEPT
Now my users can't login.
How to open the ports? smb,ssh etc.
Thanks
Paras.
Dharmendra.T writes:
Hi
Just deny the all default policies like
iptables -P INPUT DROP
Then allow the internal users to connect to it.
Regards
Dharmendra.T
Linux Security Expert
----- Original Message -----
From: "paras" <paras@bajranet.com.np>
To: <security-discuss@linuxsecurity.com>
Sent: Thursday, December 19, 2002 6:14 PM
Subject: netbios-ssn
hi all------------------------------------------------------------------------
I have samba server running as a domain controller for my company.
now i want this server to be secure. how do i make DROP or DNEY to outside
world and allow for my internal users. i did as:
iptables -A INPUT -s 198.168.2.0 -p tcp --destination-port 139 -j ACCEPT
iptables -A INPUT -s 0.0.0.0 -p tcp --destination-port 139 -j DROP
iptables -A INPUT -s 198.168.2.0 -p udp --destination-port 139 -j ACCEPT
iptables -A INPUT -s 0.0.0.0 -p udp --destination-port 139 -j DROP
where 192.168.2.0 is my internal network.
I am not sure wheather this is working or not.how can test this?. is there
any better way to be more secure to this port netbios-ssn.?
Thanks
Paras.
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
