Condividi:        

Comando iptables -L e Guarddog

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Comando iptables -L e Guarddog

Postdi segugiofan » 04/03/05 14:15

Ciao a tutti.Ho installato guarddog su mdk,sapete come interpretare questi log ottenuti dando il comando iptables -L?Eccoli:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
logaborted tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:RST/RST
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
nicfilt all -- anywhere anywhere
srcfilt all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
srcfilt all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
s1 all -- anywhere anywhere
Chain f0to1 (1 references)
target prot opt source destination
logdrop all -- anywhere anywhere
Chain f1to0 (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:http state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:webcache state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:http-alt state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:8000 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:8888 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:smtp state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:pop3 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:ftp state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:https state NEW
logdrop all -- anywhere anywhere
Chain logaborted (1 references)
target prot opt source destination
logaborted2 all -- anywhere anywhere limit: avg 1/sec burst 10
LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
Chain logaborted2 (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `ABORTED '
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain logdrop (4 references)
target prot opt source destination
logdrop2 all -- anywhere anywhere limit: avg 1/sec burst 10
LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
DROP all -- anywhere anywhere
Chain logdrop2 (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `DROPPED '
DROP all -- anywhere anywhere
Chain logreject (0 references)
target prot opt source destination
logreject2 all -- anywhere anywhere limit: avg 1/sec burst 10
LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
DROP all -- anywhere anywhere
Chain logreject2 (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `REJECTED '
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
DROP all -- anywhere anywhere
Chain nicfilt (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
logdrop all -- anywhere anywhere
Chain s0 (1 references)
target prot opt source destination
f0to1 all -- anywhere localhost
logdrop all -- anywhere anywhere
Chain s1 (1 references)
target prot opt source destination
f1to0 all -- anywhere anywhere
Chain srcfilt (2 references)
target prot opt source destination
s0 all -- anywhere anywhere
segugiofan
Utente Senior
 
Post: 955
Iscritto il: 05/08/03 19:53

Sponsor
 

Postdi segugiofan » 04/03/05 23:40

In questo sito http://stealthtests.lockdowncorp.com/ ci sono dei test per verificare la "bontà" del proprio firewall installato.Dato che è tutto in inglese,vorrei chiedervi come si fa a capire se si sono superati i test.In pratica,vorrei sapere,quale messaggio dovrei visualizzare quando ogni singolo test è superato? :undecided:
segugiofan
Utente Senior
 
Post: 955
Iscritto il: 05/08/03 19:53

Postdi Kobe » 05/03/05 09:45

appare una finestra in cui c'è scritto una frase come questo:
Scanning for a proxy server on standard ports 1080 and 8080... None Found!
Mi piacciono i Rockets, ma sto con i L.A. Lakers.
-------------------------------------------------------
Admin http://kobemaster.altervista.org
Kobe
Utente Senior
 
Post: 296
Iscritto il: 07/01/05 19:22
Località: davanti computer

Postdi segugiofan » 05/03/05 12:26

Si infatti,però posso sapere benissimo anche senza fare quel test che navigo senza proxy :D :lol:
segugiofan
Utente Senior
 
Post: 955
Iscritto il: 05/08/03 19:53


Torna a Sicurezza e Privacy


Topic correlati a "Comando iptables -L e Guarddog":


Chi c’è in linea

Visitano il forum: Nessuno e 28 ospiti

cron