November 22, 2024, 05:05:23 AM

News : LinuxSolved.com Linux Help Community Forum..


Author Topic: Blocking Atacks  (Read 11742 times)

Offline contenthost

  • Linux Noob !
  • *
  • Posts: 4
Blocking Atacks
« on: March 29, 2004, 01:58:23 AM »
Was Wondering if there's any scripts that would detect a icmp flooding and start blocking ips. Thank you!


Running Red Hat 9

Offline dragoncity99

  • LST CareTaker
  • Experienced
  • *****
  • Posts: 551
Blocking Atacks
« Reply #1 on: March 29, 2004, 08:44:15 AM »

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Blocking Atacks
« Reply #2 on: March 29, 2004, 03:21:42 PM »
May u can use Firestarter if you dont' want to gamble with iptables manually..

Offline contenthost

  • Linux Noob !
  • *
  • Posts: 4
Blocking Atacks
« Reply #3 on: March 29, 2004, 04:17:16 PM »
im using Iptables has it is i just want to a script that would detect a ICMP at a certain rare of incomming packets and add them to iptables.

Offline dragoncity99

  • LST CareTaker
  • Experienced
  • *****
  • Posts: 551
Blocking Atacks
« Reply #4 on: March 30, 2004, 04:59:55 AM »
Huh?? Can u explain again? I don't quite catch ur explaination. Sorry and thank you.

Is it a question or a statement?

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Blocking Atacks
« Reply #5 on: March 30, 2004, 08:06:26 AM »
May be he is saying that need a script which detect that now ICMP is getting flooded so block them. And after few times it again opens that. Is that so contenthost ?

Offline contenthost

  • Linux Noob !
  • *
  • Posts: 4
Blocking Atacks
« Reply #6 on: March 30, 2004, 08:12:01 AM »
yes exactly :)

Offline dragoncity99

  • LST CareTaker
  • Experienced
  • *****
  • Posts: 551
Blocking Atacks
« Reply #7 on: March 31, 2004, 05:18:34 AM »
OIC. Is it that the rule that u added is at command prompt when u logged in. But when u restart ur pc, the rule is gone?

Type this to check on the next start up: iptables -L -n

From wat i know, in certain distros, the rules that u add are temporary when u add it on that day. But when the next boot or restart, ur firewall script will be flushed (in otherwords it's reset to the default rules). In order to avoid this, create a text file and add the script and save it.

chmod +x to make it executable and load the script each time ur linux boots. U can alternatively, add the firewall rule into the boot up script (such as rc.local in /etc/rc.d directory) to run as well.

Offline contenthost

  • Linux Noob !
  • *
  • Posts: 4
Blocking Atacks
« Reply #8 on: March 31, 2004, 05:01:12 PM »
Ya Been doing that has it is. just wanted something that would do that auto for me since i can keep watching it everyday on every min.

Offline kenchix1

  • Tux Awared
  • **
  • Posts: 37
Blocking Atacks
« Reply #9 on: April 05, 2004, 02:23:07 AM »
I wish for the firewall using iptables tutorial soon be out. (plllsssss)   :cry: