Rules List of Iptables
#1
A gloomy Saturday night | the clock shows 00.08
so I might as well write a thread

Okay, it's me again, Clound, the incomparably handsome man

This time I want to share some iptables rules..
You all surely already know what iptables is \m/

Okay, let's get straight to it, check it out..

# --- Location of the iptables binary (assumed to be on PATH; adjust as needed)
IPT=iptables

# --- DEFAULT PACKET POLICIES
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT DROP
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT

# --- Flush all rules and delete all user-defined chains
$IPT -F
$IPT -t nat -F
$IPT -X
$IPT -t nat -X
$IPT -Z
$IPT -t nat -Z

# --- Accept packets that belong to an already established connection
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# --- Block port scanner / Nmap attacks (log and drop fragmented packets)
$IPT -A INPUT -f -j LOG --log-level 7 --log-prefix "TCP FRAGMENT: "
$IPT -A INPUT -f -j DROP

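# --- SSH Dictionary Attack
# Create the SSH_CHECK chain first; a jump to a chain that does not exist fails
$IPT -N SSH_CHECK
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
# Record the source address of every new SSH connection
$IPT -A SSH_CHECK -m recent --set --name SSH
# Drop the source once it reaches 4 new connections within 60 seconds
$IPT -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP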

# --- Koneksi OpenVPN
# VPN port: 1194
$IPT -A INPUT -p udp --dport 1194 -m state --state NEW -s 0/0 -j ACCEPT
$IPT -A INPUT -p udp --dport 1194 -j LOG --log-level 7 --log-prefix "VPN PORT 1194 UDP:"

# --- SSH REMOTE Server-Client
## From the RADNET Internet connection
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW -s 202.154.24.48/29 -j ACCEPT

## Bhinneka Group internal network connection via the tunnel
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW -s 10.22.0.0/24 -j ACCEPT
# SSH runs over TCP: log the SSH packets that no rule above accepted
$IPT -A INPUT -p tcp --dport 22 -j LOG --log-level 7 --log-prefix "SSH Detected:"

# --- DNS Server
# LOG goes before ACCEPT; a LOG rule placed after the matching ACCEPT is never reached
$IPT -A INPUT -p udp --dport 53 -j LOG --log-level 7 --log-prefix "DNS Detected:"
$IPT -A INPUT -p udp -s 0/0 --dport 53 -j ACCEPT

# --- Rules SAMBA
$IPT -A INPUT -p tcp --dport 139 -m state --state NEW -s 0/0 -j ACCEPT
# Same protocol as the ACCEPT rule (TCP): log port 139 packets not accepted above
$IPT -A INPUT -p tcp --dport 139 -j LOG --log-level 7 --log-prefix "SAMBA Detected"

# ---- Rules MYSQL
$IPT -A INPUT -p tcp --dport 3306 -m state --state NEW -s 10.22.0.0/24 -j ACCEPT
# Same protocol as the ACCEPT rule (TCP): log port 3306 packets not accepted above
$IPT -A INPUT -p tcp --dport 3306 -j LOG --log-level 7 --log-prefix "MYSQL Detected:"

# --- Rules HTTP
$IPT -A INPUT -p tcp --dport 80 -m state --state NEW -s 10.22.0.0/24 -j ACCEPT
# Same protocol as the ACCEPT rule (TCP): log port 80 packets not accepted above
$IPT -A INPUT -p tcp --dport 80 -j LOG --log-level 7 --log-prefix "HTTP Detected"

# --- Rules OpenVPN
$IPT -A OUTPUT -o eth0 -j ACCEPT
$IPT -A OUTPUT -o eth1 -j ACCEPT
$IPT -A OUTPUT -o tun0 -j ACCEPT
$IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# --- ICMP Packet
# LOG goes before ACCEPT; a LOG rule placed after the matching ACCEPT is never reached
$IPT -A INPUT -p icmp --icmp-type 8 -j LOG --log-level 7 --log-prefix "PING Detected:"
$IPT -A INPUT -p icmp --icmp-type 8 -j ACCEPT
$IPT -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT


Okay, I think that's enough :) :-?

If anyone wants to add something, go ahead...
If you find any mistakes, please correct them too, bro
:-bd

That's it, I'm going to sleep now :tidur :ngantuk
:bye

I won't say no to being pelted with cendol :seneng
Click Here

Clound@IBTeam:~#
EMail Me : [email protected]
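
The SSH_CHECK rules in the first post depend on how the `recent` match counts hits. As an added example (not part of the original post), this Python model replays timestamped new SSH connections through the two SSH_CHECK rules and returns the chain's verdict for each. The class and function names are hypothetical, the sample address is constructed, and the model ignores the module's table-size limits.

```python
from collections import defaultdict

SECONDS = 60    # --seconds 60
HITCOUNT = 4    # --hitcount 4


class RecentList:
    """Simplified model of one xt_recent list (here: --name SSH)."""

    def __init__(self):
        self.stamps = defaultdict(list)   # source address -> packet timestamps

    def set(self, src, now):
        # Rule 1: "-m recent --set" always matches and records a timestamp.
        self.stamps[src].append(now)

    def update(self, src, now):
        # Rule 2: "-m recent --update --seconds 60 --hitcount 4".
        # Matches when at least HITCOUNT timestamps fall inside the window;
        # on a match the entry is refreshed with one more timestamp.
        hits = sum(1 for t in self.stamps[src] if now - t <= SECONDS)
        if hits >= HITCOUNT:
            self.stamps[src].append(now)
            return True
        return False


def ssh_check(recent, src, now):
    """Verdict of the SSH_CHECK chain for one NEW packet to tcp/22."""
    recent.set(src, now)
    if recent.update(src, now):
        return "DROP"
    return "RETURN"   # back to INPUT, where the per-source ACCEPT rules decide


def replay(events):
    """events: iterable of (time_in_seconds, source_address)."""
    recent = RecentList()
    return [ssh_check(recent, src, t) for t, src in events]


if __name__ == "__main__":
    # Constructed sample: one client retrying every 10 s, then pausing > 60 s.
    sample = [(t, "198.51.100.7") for t in (0, 10, 20, 30, 40, 50, 120)]
    for (t, src), verdict in zip(sample, replay(sample)):
        print(f"t={t:>3}s {src} -> {verdict}")
```

The first three connections pass, the fourth within the window is dropped, and every dropped retry refreshes the entry, so the source stays blocked until it has been quiet for more than 60 seconds.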

#2
Nice, bro :D .. since the starter of this thread http://indonesianbacktrack.or.id/forum/s...es#pid6110 has been banned :p, let's open the discussion in your thread here, okay

#3
Ohh, this can be loaded into my tool; I'll just share the ebook later if I remember :P
there's a frog, teroret teroret, by the riverside, teroret teroret, looking for food, teroret teroret, every morning, teroret teroret

visit: http://warungiso.blogspot.com/

I was not smart or special but I was unix

#4
(07-07-2013, 03:20 AM)xsan-lahci Wrote: Nice, bro :D .. since the starter of this thread /forum/showthread.php?tid=702&pid=6110&highlight=Rules+Iptables#pid6110 has been banned :p, let's open the discussion in your thread here, okay

Okay, okay, bro :-?
So the job is changing hands, huh =))

#5
Audience.. why is it so quiet here :-?
UP..UP.. bumping this up first :))