Posted by : Anonymous Thursday, April 30, 2015

How Common Attacks Are Being Blocked By Linux IPTABLES
  


In this section I discuss some common attacks that can be carried out against any type of Linux machine, and describe how iptables blocks them.

ICMP Flood | Ping Traffic

This is also known as a ping of death attack or an ICMP flood. Block ping traffic with iptables: drop all incoming ICMP packets from outside connections, while still allowing them from your internal network if you wish. The command below shows how an ICMP flood can be dropped using iptables; DROP is the target that discards the packet.

iptables -A INPUT -p icmp --icmp-type 8 -j DROP

Drop incoming NULL Packet

Null packets should be dropped by the following command:

iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP

Drop incoming XMAS Packet

XMAS packets should be dropped by the following command:

iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP

Drop incoming Fragmented Packets

Fragmented packets should be dropped by the following command:

iptables -A INPUT -f -j DROP

Drop New Connections That Do Not Start With SYN

New TCP connections whose first packet is not a SYN packet should be dropped by the following command:

iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
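The following is an added example, not part of the original post: a small Python model of how the NULL, XMAS and non-SYN rules above evaluate a packet's TCP flags byte, so you can see which rule a given packet would hit. The function names, the state_new parameter (a stand-in for conntrack's NEW state) and the sample packets are constructed for illustration.

```python
# Added example: how the three TCP rules from the post evaluate a flags byte.
# TCP flag bits as they appear in the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
ALL = FIN | SYN | RST | PSH | ACK | URG   # iptables keyword ALL
NONE = 0                                  # iptables keyword NONE


def tcp_flags_match(flags, mask, comp):
    """iptables '--tcp-flags mask comp': examine only the bits in mask and
    match when exactly the bits in comp are set among them."""
    return (flags & mask) == comp


def is_syn(flags):
    """iptables '--syn' is shorthand for '--tcp-flags SYN,RST,ACK,FIN SYN'."""
    return tcp_flags_match(flags, SYN | RST | ACK | FIN, SYN)


def verdict(flags, state_new):
    """Return which of the post's TCP rules drops the packet, or 'pass'.
    state_new stands in for '-m state --state NEW' (assumption: the caller
    already knows whether connection tracking has seen this flow)."""
    if tcp_flags_match(flags, ALL, NONE):
        return "DROP null"          # --tcp-flags ALL NONE
    if tcp_flags_match(flags, ALL, ALL):
        return "DROP xmas"          # --tcp-flags ALL ALL
    if state_new and not is_syn(flags):
        return "DROP new-not-syn"   # ! --syn -m state --state NEW
    return "pass"


# Constructed sample packets: (description, flags byte, conntrack state NEW?)
SAMPLES = [
    ("normal connection open", SYN, True),
    ("no flags set", NONE, False),
    ("all six flags set", ALL, False),
    ("bare ACK, no known flow", ACK, True),
    ("ACK on established flow", ACK, False),
]

if __name__ == "__main__":
    for desc, flags, new in SAMPLES:
        print(f"{desc:26} flags=0x{flags:02x} -> {verdict(flags, new)}")
```

Because `--syn` only inspects SYN, RST, ACK and FIN, a SYN packet that also carries PSH or URG still counts as a SYN for the last rule.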

In this way we can use iptables efficiently.
