How do you use the iptables firewall to restrict ssh, telnet, ftp?
Answer / sins
Simply use:
iptables -A INPUT -s <source IP or network you want to block the services for> -p tcp --dport <port number> -j REJECT/DROP
Is This Answer Correct ? | 26 Yes | 0 No |
Answer / rajesh dwivedi
To restrict ssh/telnet or ftp you have to write a rule.
For example, to restrict ssh:
iptables -A INPUT -p tcp -s <IP address or domain IP> --dport <ssh port> -j REJECT/DROP
Is This Answer Correct ? | 12 Yes | 0 No |
For SSH
iptables -A INPUT -s <source IP or network you want to block the services for> -p tcp --dport 22 -j REJECT/DROP
For Telnet
iptables -A INPUT -s <source IP or network you want to block the services for> -p tcp --dport 23 -j REJECT/DROP
For FTP
iptables -A INPUT -s <source IP or network you want to block the services for> -p tcp --dport 21 -j REJECT/DROP
Is This Answer Correct ? | 6 Yes | 0 No |
Answer / srivathsan
Just a small typo to the file name, it is '/etc/hosts.deny'
Thanks,
- Vathsan.
Is This Answer Correct ? | 5 Yes | 2 No |
Answer / swapnil
If you want to put it on the INPUT, then
iptables -A INPUT -s <source> -p <protocol> --dport <destination port> -j DROP
If you want to put it on the OUTPUT tables, then
iptables -A OUTPUT -s <source> -p <protocol> --dport <destination port> -j DROP
Is This Answer Correct ? | 2 Yes | 0 No |
Answer / srivathsan
Following the iptables command mentioned by Sins to restrict
domains for various services, please run
$ service iptables save
$ restorecon /etc/sysconfig/iptables
Also, you could block the domains by adding an entry inside
/etc/hots.deny like,
sshd: <Unwanted domain url>
:wq to save changes to the file.
- Vathsan.
Is This Answer Correct ? | 4 Yes | 3 No |
Answer / nrupan mampilly
iptables -I INPUT -t filter -s source -p protocol --dport portnumber -j REJECT
Is This Answer Correct ? | 0 Yes | 0 No |
Answer / anil kumar pinnaka
chkconfig --level <run level for enabling iptables> iptables on
This will enable iptables for the given run level,
so that these services will get blocked.
Is This Answer Correct ? | 1 Yes | 15 No |
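The rule pattern from the answers above, as an added example that is not part of any poster's answer: a shell function that validates the source address and prints one blocking rule per service for review before anything is run as root. The function names and the 203.0.113.0/24 source are constructed for illustration; the ports are the defaults given in the answers.

```shell
#!/bin/sh
# Added example: prints iptables commands for review; it never changes the live firewall.

# Default ports as used in the answers above: FTP 21, SSH 22, Telnet 23.
svc_port() {
    case "$1" in
        ftp)    echo 21 ;;
        ssh)    echo 22 ;;
        telnet) echo 23 ;;
        *)      return 1 ;;
    esac
}

# Accept only a.b.c.d or a.b.c.d/0-32, so nothing but an address reaches the command line.
valid_src() {
    case "$1" in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    for octet in $(printf '%s' "${1%/*}" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# block_rules SRC DROP|REJECT SERVICE...  -> one iptables command per service on stdout
block_rules() {
    [ $# -ge 3 ] || { echo "usage: block_rules SRC DROP|REJECT SERVICE..." >&2; return 2; }
    src=$1 action=$2
    shift 2
    valid_src "$src" || { echo "invalid source: $src" >&2; return 1; }
    case "$action" in
        DROP)   target="DROP" ;;                            # silent discard, client times out
        REJECT) target="REJECT --reject-with tcp-reset" ;;  # client gets an immediate RST
        *)      echo "invalid action: $action (use DROP or REJECT)" >&2; return 1 ;;
    esac
    rules=""
    for svc in "$@"; do
        port=$(svc_port "$svc") || { echo "unknown service: $svc" >&2; return 1; }
        # -I puts the rule at the top of INPUT; a rule appended with -A is never
        # reached if an earlier rule already accepts the same traffic.
        rules="${rules}iptables -I INPUT -s $src -p tcp --dport $port -j $target
"
    done
    printf '%s' "$rules"
}

# Constructed sample source (documentation range), all three services.
block_rules 203.0.113.0/24 REJECT ssh telnet ftp
```

After applying the printed rules as root, `iptables -S INPUT` shows where they landed in the chain.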