I apologize for the posting of the long script below, but I'm in dire
need of someone's advice regarding the proper configuration/setup of a
simple firewall via IPChains.
My hacked server has been brought back online. I've quickly installed
all the updates and other security items back to the box
(SSH/Portsentry/Log Check/Turned off Telnet). Upon installing my
IPChains, I noticed immediately HORDES of spammers trying to use my
machine as a relay.. I've got it fairly nailed down, but I serious
want to thwart any would-be hackers via IPChains... I will be also
installing ASP/mySQL/PHP3 on the box. I found this script below and
was wondering if it would be a good start for fitting my needs as a
basic line of defense as a firewall?
I have three questions I was wondering if someone could assist me with
regarding this script?
1) Should I change all the "ppp0" entries in the script below <from a
dialup> to "eth0", as my box is sitting in a NOC on a static IP?
2) I'm not clear on the correct settings for the top part of this script.
# Define the default network address
ALL="0.0.0.0/0"
# Define the private network's address
PRIV_NET="192.168.1.0/24"
# Define localhost address
LOCAL_HOME="127.0.0.1"
I know my servers IP address, Network address, Usable IP Range,
Broadcast address, and Subnet Mask..
3) How should I call up the script..? I normally add start-up lines to
/etc/rc.d/rc.local for various programs I want called at boot.. Should
I just drop this file into /etc as say rc.firewall then add a line to
rc.local that calls up the script upon boot? I wasn't sure if it
needed to be loaded early during the boot process...
Any help with the above would be greatly appreciated... I've been
sitting here for almost 24 hours now, and I'm determined to nail down
this box if it's the last thing I do...