* Recommended iptables setup for management servers
From: carlopmart @ 2012-04-30 18:59 UTC (permalink / raw)
To: netfilter
Hi all,
I am searching for some tutorials about how to configure robust/lockdown
iptables rules to protect management servers (for example some NSM
servers and firewall management servers).
Yes, there is a lot of info on the web, but pretty much nothing concise.
I have used BSD firewalls (pf) for several years and this task is very
simple ... but with iptables I am really lost ...
The best tutorial that I have found is:
http://www.remetter.de/os_linux_skript.php
.. but it seems too old, or not? My Linux servers are CentOS 6 ...
My primary objective is to block malformed packets, scans, and control
packets managed by mangle. Some of these servers have two interfaces and
some services need to be reached by this secondary interface.
Any help?
Thanks.
--
CL Martinez
carlopmart {at} gmail {d0t} com
* Re: Recommended iptables setup for management servers
From: Giles Coochey @ 2012-05-01 12:48 UTC (permalink / raw)
To: carlopmart; +Cc: netfilter
On 30/04/2012 19:59, carlopmart wrote:
>
> .. but it seems too old, or not? My Linux servers are CentOS 6 ...
system-config-firewall
Essentially, set your default policies to DROP (once you configure via
system-config-firewall).
Then edit /etc/sysconfig/iptables to just allow additional protocols you
require that might not be done by the system-config-firewall interface.
--
Best Regards,
Giles Coochey, CCNA Security, CCNA
NetSecSpec Ltd
giles.coochey@netsecspec.co.uk
Tel: +44 (0) 7983 877 438
Live Messenger: giles@coochey.net
http://www.netsecspec.co.uk
http://www.coochey.net
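
The approach in the reply above (default policies set to DROP, extra services allowed by hand in /etc/sysconfig/iptables), as an added example that is not part of the original thread: a constructed ruleset in iptables-save format plus two checks that audit such a file. The interface names, ports and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (the format of /etc/sysconfig/iptables).
# Assumptions: eth0 is the management interface, eth1 the secondary one; ports are examples.
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth1 -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
COMMIT
EOF
}

# Print filter-table INPUT/FORWARD chains whose default policy is not DROP.
# Reads iptables-save text on stdin; exit status is 1 if any are found.
weak_policies() {
    awk '
        /^[*]/ { table = substr($1, 2) }           # "*filter" starts a table
        table == "filter" && /^:(INPUT|FORWARD) / {
            if ($2 != "DROP") { print substr($1, 2) "=" $2; bad = 1 }
        }
        END { exit bad }
    '
}

# Print "interface proto/port" for each filter INPUT rule that ACCEPTs a destination port.
exposed_ports() {
    awk '
        /^[*]/ { table = substr($1, 2) }
        table == "filter" && $1 == "-A" && $2 == "INPUT" {
            iface = "any"; proto = "?"; port = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-i") iface = $(i + 1)
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport") port = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (target == "ACCEPT" && port != "") print iface, proto "/" port
        }
    '
}

sample_rules | weak_policies && echo "default policies OK"
sample_rules | exposed_ports
```

On a real host the same functions can read the saved ruleset directly, for example `weak_policies < /etc/sysconfig/iptables`.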