Ipchains: output from ipchains --list

Paul Melson melson@scnc.holt.k12.mi.us
Sat, 23 Dec 2000 23:28:38 -0500


On Sat, Dec 23, 2000 at 11:12:16PM +0000, Don Chorman wrote:
> Here is the output when I ran ipchains --list. I did not set up
> ipchains rules yet.
> 
> [root@c1129978-a /root]# ipchains --list
> Chain input (policy ACCEPT):
> Chain forward (policy ACCEPT):
> Chain output (policy ACCEPT):
> 
> 
> hope this looks normal.


	It's normal if you haven't done anything with it
	yet and are just checking for masquerading support
	within the running kernel.  However, if you're
	using that machine to act as a firewall/gateway
	for any other machines, may I suggest that you
	run this command until you are ready to begin 
	configuring ipchains:

	`ipchains -P forward DENY`

	Otherwise it's trivial for anyone who can guess
	your internal IP addressing scheme (10.0.0.0/8?)
	to scan and otherwise abuse your internal network.


PaulM

-- 
							_____________________
							melson@holt.k12.mi.us
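
Added example, not part of the original message: a small shell check that reads `ipchains --list` output in the format quoted above and reports whether the forward chain's default policy leaves the gateway forwarding unfiltered. The function names, the verdict words and the idea of passing in the value of /proc/sys/net/ipv4/ip_forward are assumptions of this example; it looks only at the default policy, not at individual rules.

```shell
#!/bin/sh
# Added example: audit the forward chain's default policy.
# Constructed sample input: the listing quoted in the thread.
SAMPLE_LISTING='Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):'

# chain_policy CHAIN
# Reads `ipchains --list` output on stdin and prints the default policy
# of the built-in chain CHAIN. Exit status 1 if no such header is found.
chain_policy() {
    awk -v chain="$1" '
        $1 == "Chain" && $2 == chain && $3 == "(policy" {
            p = $4
            sub(/\):?$/, "", p)    # "ACCEPT):" becomes "ACCEPT"
            print p
            found = 1
            exit
        }
        END { exit found ? 0 : 1 }
    '
}

# audit_forward IP_FORWARD
# stdin: the listing. IP_FORWARD: contents of /proc/sys/net/ipv4/ip_forward
# (1 means the kernel routes packets between interfaces).
# Prints one verdict about packets that match no forward rule:
#   OPEN    policy ACCEPT and forwarding enabled (status 1)
#   IDLE    policy ACCEPT but forwarding disabled
#   CLOSED  policy DENY or REJECT
#   UNKNOWN header missing or another policy; review by hand (status 2)
audit_forward() {
    policy=$(chain_policy forward) || { echo UNKNOWN; return 2; }
    case "$policy" in
        ACCEPT)
            if [ "$1" = 1 ]; then echo OPEN; return 1; fi
            echo IDLE ;;
        DENY|REJECT) echo CLOSED ;;
        *) echo UNKNOWN; return 2 ;;
    esac
}

# Verdict for the quoted listing on a box that is acting as a gateway.
printf '%s\n' "$SAMPLE_LISTING" | audit_forward 1 || true
```

On a live host the same check is `ipchains --list | audit_forward "$(cat /proc/sys/net/ipv4/ip_forward)"`; after `ipchains -P forward DENY` the verdict changes from OPEN to CLOSED.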