[geek]nerd[/geek]

DeepInMisery said:
Well i got a new disk and that rocks. Also i'm running slack as of now, since it has most of the stuff i need configured out of the box, all i need is a good iptables script, if anyone (Malaclypse?) knows of one (stealth mode) let me know.

:wave:
i could pm you mine if you like. but it's tailored for a router, so you can most probably forget most of it...
 
so you mean, basically:

* traffic is allowed from inside to outside
* no traffic from outside to inside
* UNLESS it's related to traffic you initiated (like, ftp)
* requests on all ports are being dropped (you appear offline)

then this is what you want:

Code:
 #!/bin/sh
 
 # Path To Iptables (you need to edit that probably)
 IPTABLES=/usr/sbin/iptables
 
 # TCP-Ports (enter ports you want open from outside, separated by comma (maybe ssh))
 TCP_PORTS="666"
 
 # UDP-Ports (open ports UDP, for example samba)
 UDP_PORTS="666"
 
 # Internet Interface
 INET="eth1"
 
 # LAN Interface
 LAN="eth0"
 
 startup()
 {
 	# Flush (delete all present rules)
 	$IPTABLES -F
 	$IPTABLES -t nat -F
 
 	# set default policy
 	$IPTABLES -P INPUT DROP
 	$IPTABLES -P OUTPUT ACCEPT
 	$IPTABLES -P FORWARD DROP
 }
 
 chain_input()
 {
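 	# loopback must be accepted explicitly, or local services break under the DROP policy
 	$IPTABLES -A INPUT -i lo -j ACCEPT
 	$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT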
 
 	# accept TCP & UDP ports as specified above
 	$IPTABLES -A INPUT -i $INET -p tcp -m state --state NEW -m multiport --dports $TCP_PORTS -j ACCEPT
 	$IPTABLES -A INPUT -i $INET -p udp -m state --state NEW -m multiport --dports $UDP_PORTS -j ACCEPT
 
 	$IPTABLES -A INPUT -i $LAN -m state --state NEW -j ACCEPT
 
 	#$IPTABLES -A INPUT -i $LAN -j LOG --log-prefix "Drop: INPUT (LAN)"
 	$IPTABLES -A INPUT -i $INET -j LOG --log-prefix "Drop: INPUT (INET)"
 }
 
 chain_forward()
 {
 	# 123.456.78.90 is a placeholder (not a valid address): put your public IP here
 	$IPTABLES  -t nat -A POSTROUTING -o $INET -j SNAT --to 123.456.78.90
 	$IPTABLES  -A FORWARD -i $LAN -j ACCEPT
 	$IPTABLES  -A FORWARD -i $INET -m state --state ESTABLISHED,RELATED -j ACCEPT
 
 	$IPTABLES -A FORWARD -i $INET -j LOG --log-prefix "Drop: FORWARD (INET)"
 	$IPTABLES -A FORWARD -i $LAN -j LOG --log-prefix "Drop: FORWARD (LAN)"
 }
 
 startup
 chain_input
 chain_forward

you can probably forget about the LAN interface as well as the whole FORWARD chain.
i hope that doesn't get too fucked up now...
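
One way to check a loaded ruleset against the four points listed in the post above (added example, not part of the original post; the function names `audit_stealth` and `sample_ruleset` and the sample dump are constructed for illustration):

```shell
#!/bin/sh
# Added example, not from the thread: audit an iptables-save dump (stdin)
# against the four policy bullets. Exit status 0 means the ruleset conforms.
audit_stealth() {
    awk '
    substr($0, 1, 1) == "*" { table = substr($0, 2); next }
    table != "filter"       { next }
    $1 == ":INPUT"          { in_pol = $2 }
    $1 == ":OUTPUT"         { out_pol = $2 }
    $1 == "-A" && $2 == "INPUT" {
        accept = ($0 ~ /-j ACCEPT/); proto = "any"
        # iptables-save may reorder the states; also matches --ctstate
        if (accept && $0 ~ /state [A-Z,]*ESTABLISHED/ && $0 ~ /state [A-Z,]*RELATED/)
            stateful = 1
        if (accept && $0 ~ /-i lo /) loopback = 1
        # REJECT sends an error back, so a probe learns the host exists
        if ($0 ~ /-j REJECT/) reject = reject "\n    " $0
        for (i = 3; accept && i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i ~ /^--dports?$/) ports = ports " " proto "/" $(i + 1)
        }
    }
    END {
        if (out_pol != "ACCEPT") { print "FAIL: OUTPUT policy is " out_pol; bad = 1 }
        if (in_pol != "DROP")    { print "FAIL: INPUT policy is " in_pol ", expected DROP"; bad = 1 }
        if (!stateful)           { print "FAIL: no ESTABLISHED,RELATED accept, replies are dropped"; bad = 1 }
        if (reject != "")        { print "FAIL: REJECT rules answer probes:" reject; bad = 1 }
        if (!loopback)           print "WARN: no accept rule for lo, local services may break"
        print "INFO: ports opened to new connections:" (ports == "" ? " none" : ports)
        exit bad + 0
    }'
}

# Constructed sample in iptables-save format: one host, one open TCP port.
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -p tcp -m state --state NEW -m multiport --dports 666 -j ACCEPT
-A INPUT -i eth1 -j LOG --log-prefix "Drop: INPUT (INET)"
COMMIT
EOF
}

sample_ruleset | audit_stealth
```

On a live machine, run `iptables-save | audit_stealth` as root after loading the script.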
 
yeah, the 666 was just an example ;) what's listening on port 666 anyway? *checks* it's an app called "mdqs"... most probably mighty demon queued satanism.
 
"Many people equate the word 'daemon' with the word 'demon,' implying some kind of Satanic connection between UNIX and the underworld. This is an egregious misunderstanding. 'Daemon' is actually a much older form of 'demon'; daemons have no particular bias towards good or evil, but rather serve to help define a person's character or personality. The ancient Greeks' concept of a 'personal daemon' was similar to the modern concept of a 'guardian angel' --- 'eudaemonia' is the state of being helped or protected by a kindly spirit. As a rule, UNIX systems seem to be infested with both daemons and demons." (p403)
:lol:
 
Get Starsiege: Tribes for free from FilePlanet.com

There was Tribes 2 there before, but apparently it was removed since they
ran out of CD-keys for it.

And if you don't know what Tribes is, check some movies here, they are
for Tribes 2, but should give you an idea what Tribes is about.
 
Got my new headphones today, Koss The Plugs, just like the old ones that served
me very well for almost 2 years, daily use for the last 8 months.
I ordered them yesterday and today they arrived, huge bonus speed, PCAction.se
will definitely get more business from me in the future.

It seems Koss has changed The Plug slightly, they seem heavier and the bass is
more present and the wire is more flexible, which is good, cos that was the part
that broke in the old ones, the wire got so twisted daily that it was cut and lost
connection, resulting in music cutting off in the left plug. The more flexible wire
makes this less likely or so I hope anyway.
 
This is a bit older news, but since the issue is still open:

For those of you who might be tempted by Gmail, the email crap from, the oh so
privacy considerate and ad-free, Google (don't accept cookies from strangers!),
you might wanna read this little thing... to start with.
 
i finally found a decent mp3-player for linux, with a music library and such.

-> amarok.kde.org
 
anyone using emule here? I was wondering if I should bother with it, since I have 56k and I heard you have to be online for long periods of time in order to be allowed to download stuff.