Monday, January 11, 2010

iptables for simple packet filtering

Run these command Linux server to config iptables for protect your server from SYN flood, Port scanning, PoD attack (MrMe HVA):
# iptables -F
# iptables -A INPUT -p tcp --syn -m limit --limit 1/s –j ACCEPT
# iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
# iptables -A INPUT -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
# service iptables start
# chkconfig iptables on

No comments:

Post a Comment