Blue|Fusion Rated XXX
Posted: Tue, 15 May 2007 01:06:23

Thanks for the tips. I disabled the bootp ports completely. It does require DHCP, although an IP lasts me years so long as the MAC address does not change. I also looked up the RFC 1918 stuff about the reserved LAN IPs. I added 3 new rules based on them. I think they should work... perhaps you could tell me otherwise?
I also do not know why those ports were open. That is the second howto that had ports 1024 and up open. I commented it out and reloaded the new rules with no issues, so those two lines are commented out now, too.
And I have SSH opened because I do access the network when I'm out of the house. What I really liked about this config I found was that after 2 connection attempts in the previous 5 minutes it drops incoming connections thereafter (until it's less than 2 connections in the preceding 300 seconds). It's nothing real special, but gives script kiddies a reason to move on.
I edited the above post with the current config so the post doesn't drag on and on...
_________________
5 home-built PCs, ASUS A6Jc Laptop, and a PowerEdge 2650 - all running Gentoo. Now if only I can get a car and plane to run it.
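
The two measures described in the post, three RFC 1918 source drops on the Internet-facing interface and an SSH limit of 2 new connections per 300 seconds, sketched as an added example that is not the poster's config or part of the original thread. The interface name `eth0`, the list name `SSH`, the surrounding policy rules and the use of the `recent` match are assumptions; the function only prints an `iptables-restore` ruleset and does not touch the live firewall.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset (assumed layout, not the poster's).
# Assumes the WAN interface holds a public address, so RFC 1918 sources seen
# on it are spoofed or misrouted.

emit_rules() {
    wan_if=$1                   # Internet-facing interface (assumed name)
    allowed=$2                  # new SSH connections allowed per window
    window=$3                   # window length in seconds
    # "--set" records the current attempt before "--update" counts, so the
    # hitcount must be allowed+1 for exactly $allowed attempts to get through.
    hitcount=$((allowed + 1))
    ssh="-A INPUT -i $wan_if -p tcp --dport 22 -m conntrack --ctstate NEW"

    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
                  ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT'

    # The three RFC 1918 private ranges, dropped as sources on the WAN side.
    for net in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        printf '%s\n' "-A INPUT -i $wan_if -s $net -j DROP"
    done

    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'

    # Record every new SSH attempt per source address.
    printf '%s\n' "$ssh -m recent --name SSH --set"
    # Drop once the source exceeds the allowance inside the window.
    # "--update" refreshes the last-seen time on every dropped attempt, so a
    # client that keeps retrying stays blocked until it is quiet for $window s.
    printf '%s\n' "$ssh -m recent --name SSH --update --seconds $window --hitcount $hitcount -j DROP"
    printf '%s\n' "$ssh -j ACCEPT"
    printf '%s\n' 'COMMIT'
}

# Defaults mirror the numbers in the post: 2 attempts per 300 seconds.
emit_rules "${1:-eth0}" "${2:-2}" "${3:-300}"
```

Piping the output through `iptables-restore --test` as root parses the ruleset without committing it.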