----- Original Message -----
From: "Burke, Thomas G." <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 04, 2001 10:51 AM
Subject: RE: blackhole firewall rules
> Why not just reject packets on the port where they scan? I imagine they
> usually scan the same port number.
Sure, I can do that too. The ports I want to block are arbitrary, really.
> This blocks the entire outside world from accessing port 31337 (and logs
> it)
This is the problem, here. I want to keep my smtp server open to the world
so I can receive email and access my imap server from work or the road, but
closed to @home so they can't tell that I run my own mail server. Is there
a way to deny a packet by source? I'm sure there must be.
> Although, I imagine that might break a lot of stuff...
Yep. So I need a rule that says: if from source IP x to y port, drop
packet. Otherwise, allow. Ideally, the rule would do a hostname lookup to
see if it's from home.net, but if that's impossible I can probably just
figure out the IP range that @home uses.
Halcyon
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
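The rule Halcyon describes (drop mail-port traffic from one source range, accept it from everyone else) as an added shell example; this is not code from the thread or from Red Hat. It assumes an iptables (2.4-kernel) host, uses 24.0.0.0/8 as a constructed placeholder for whatever range @home actually used, and prints the commands instead of applying them unless IPTABLES=iptables is set. A hostname match is not possible here: rules match on addresses, and a hostname given to iptables is resolved once when the rule is inserted, so the IP range is the only workable form. The block also carries a small first-match simulator so the ordering (source-specific DROP before the general ACCEPT) can be checked without touching a live firewall.

```shell
#!/bin/sh
# Added example, not from the original thread.
# BLOCKED_NET is a constructed placeholder; replace it with the real range.
BLOCKED_NET="${BLOCKED_NET:-24.0.0.0/8}"
MAIL_PORTS="25 143"                    # smtp and imap
IPTABLES="${IPTABLES:-echo iptables}"  # dry run by default; IPTABLES=iptables applies (root)

# Emit rules in the order that matters: iptables stops at the first match, so the
# source-specific LOG/DROP pair must come before the general ACCEPT for the port.
mail_filter_rules() {
    for p in $MAIL_PORTS; do
        $IPTABLES -A INPUT -p tcp -s "$BLOCKED_NET" --dport "$p" -j LOG --log-prefix "mail-probe: "
        $IPTABLES -A INPUT -p tcp -s "$BLOCKED_NET" --dport "$p" -j DROP
    done
    for p in $MAIL_PORTS; do
        $IPTABLES -A INPUT -p tcp --dport "$p" -j ACCEPT
    done
}

# ip4_to_int A.B.C.D -> 32-bit integer, for prefix comparisons
ip4_to_int() {
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# in_cidr ADDR NET/PREFIX -> success when ADDR lies inside the range
in_cidr() {
    net="${2%/*}"; bits="${2#*/}"
    mask=$(( (0xffffffff << (32 - bits)) & 0xffffffff ))
    [ $(( $(ip4_to_int "$1") & mask )) -eq $(( $(ip4_to_int "$net") & mask )) ]
}

# verdict SRC DPORT -> the decision the rule set above reaches for that packet
# (first match wins; non-mail ports fall through to the chain policy)
verdict() {
    for p in $MAIL_PORTS; do
        if [ "$2" = "$p" ]; then
            if in_cidr "$1" "$BLOCKED_NET"; then echo DROP; else echo ACCEPT; fi
            return 0
        fi
    done
    echo POLICY
}

# Dry run: print the commands, then show two sample decisions (constructed addresses)
mail_filter_rules
verdict 24.5.6.7 25        # DROP   (placeholder @home range, smtp)
verdict 198.51.100.9 143   # ACCEPT (anyone else, imap)
```

Run it as-is to see the commands and verdicts; run it with `IPTABLES=iptables` as root to install the rules. The LOG rule before the DROP is what gives the "and logs it" behaviour from the earlier reply, and the range can be widened to several `-s` rules if the provider uses more than one block.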