* Unauthorized Activity Detection using IPTables
@ 2002-12-13 14:44 Amit Kumar Gupta
2002-12-13 15:46 ` Maciej Soltysiak
2002-12-13 17:39 ` Ranjeet Shetye
0 siblings, 2 replies; 4+ messages in thread
From: Amit Kumar Gupta @ 2002-12-13 14:44 UTC (permalink / raw)
To: netfilter
[-- Attachment #1.1: Type: text/plain, Size: 248 bytes --]
Hi,
I want to know how to detect unauthorized activities in firewall using
IPtables.
If any user tries for some unauthorized service, I should be able to log
it and drop it.
Please give suggestions.
Thanks & Regards.
Amit
[-- Attachment #1.2: Type: text/html, Size: 4561 bytes --]
[-- Attachment #2: Wipro_Disclaimer.txt --]
[-- Type: text/plain, Size: 514 bytes --]
**************************Disclaimer************************************************
Information contained in this E-MAIL being proprietary to Wipro Limited is
'privileged' and 'confidential' and intended for use only by the individual
or entity to which it is addressed. You are notified that any use, copying
or dissemination of the information contained in the E-MAIL in any manner
whatsoever is strictly prohibited.
***************************************************************************************
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Unauthorized Activity Detection using IPTables
2002-12-13 14:44 Unauthorized Activity Detection using IPTables Amit Kumar Gupta
@ 2002-12-13 15:46 ` Maciej Soltysiak
2002-12-13 17:39 ` Ranjeet Shetye
1 sibling, 0 replies; 4+ messages in thread
From: Maciej Soltysiak @ 2002-12-13 15:46 UTC (permalink / raw)
To: Amit Kumar Gupta; +Cc: netfilter
Hello,
If you construct your firewall like this:
- allow what's allow
- log and drop everything else.
You will have what you need.
you can use something like:
iptables -N logdrop
iptables -A logdrop -j LOG
iptables -A logdrop -j DROP
and at the end of your chains add:
iptables -A FORWARD -j logdrop
This is for FORWARD chain, change it to whatever you need.
Regards,
Maciej Soltysiak
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: Unauthorized Activity Detection using IPTables
2002-12-13 14:44 Unauthorized Activity Detection using IPTables Amit Kumar Gupta
2002-12-13 15:46 ` Maciej Soltysiak
@ 2002-12-13 17:39 ` Ranjeet Shetye
1 sibling, 0 replies; 4+ messages in thread
From: Ranjeet Shetye @ 2002-12-13 17:39 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 1798 bytes --]
I read this and I went "WHOA!"
**************************Disclaimer************************************
************
Information contained in this E-MAIL being proprietary to Wipro Limited
is
'privileged' and 'confidential' and intended for use only by the
individual
or entity to which it is addressed. You are notified that any use,
copying
or dissemination of the information contained in the E-MAIL in any
manner
whatsoever is strictly prohibited.
************************************************************************
***************
I think I know the comprehensive answer to your query but going by your
disclaimer "any use ... of the information contained in the E-MAIL in
any manner
whatsoever is strictly prohibited", I cant help you without breaking a
few dozen laws, I guess, unless Ashcroft has passed even more while I
was writing this email. :D
Your disclaimers would be appropriate for private emails but I would
suggest that if you are going to be in a public forum then you will
necessarily have to change your disclaimers if you want people to be
able to come forward and help you!
take care,
Ranjeet Shetye
Senior Software Engineer
Zultys Technologies
771 Vaqueros Avenue
Sunnyvale CA 94085
USA
Ranjeet.Shetye@Zultys.com
http://www.zultys.com/
-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org] On Behalf Of Amit Kumar
Gupta
Sent: Friday, December 13, 2002 6:44 AM
To: netfilter@lists.netfilter.org
Subject: Unauthorized Activity Detection using IPTables
Hi,
I want to know how to detect unauthorized activities in firewall using
IPtables.
If any user tries for some unauthorized service, I should be able to log
it and drop it.
Please give suggestions.
Thanks & Regards.
Amit
[-- Attachment #2: Type: text/html, Size: 8042 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: Unauthorized Activity Detection using IPTables
@ 2002-12-13 16:25 Vagner Machado
0 siblings, 0 replies; 4+ messages in thread
From: Vagner Machado @ 2002-12-13 16:25 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 563 bytes --]
See <http://www.psionic.com/products/portsentry.html>
http://www.psionic.com/products/portsentry.html
-----Original Message-----
From: Amit Kumar Gupta [mailto:amitkumar.gupta@wipro.com]
Sent: sexta-feira, 13 de dezembro de 2002 11:44
To: netfilter@lists.netfilter.org
Subject: Unauthorized Activity Detection using IPTables
Hi,
I want to know how to detect unauthorized activities in firewall using
IPtables.
If any user tries for some unauthorized service, I should be able to log it
and drop it.
Please give suggestions.
Thanks & Regards.
Amit
[-- Attachment #2: Type: text/html, Size: 5827 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-12-13 17:39 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-12-13 14:44 Unauthorized Activity Detection using IPTables Amit Kumar Gupta
2002-12-13 15:46 ` Maciej Soltysiak
2002-12-13 17:39 ` Ranjeet Shetye
-- strict thread matches above, loose matches on Subject: below --
2002-12-13 16:25 Vagner Machado
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.