[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Is it iptables enough?



----- Original Message ----- 
From: "Keith Roberts" <keith@xxxxxxxxxxxxxxxxx>
To: "John" <isofroni@xxxxxxxxx>
Sent: Tuesday, February 03, 2004 8:06 AM
Subject: Re: [suse-security] Is it iptables enough?


>
> > > IPTables operates at the
> > > kernel level, and it's conceiveable that some clever shithead could
write
> > > a kernel module that alters IPTables' behavior in a way that nullifies
> > > it's protection of your server. Remember, a rootkit gives anyone who
> > > accesses it absolute power over the server to do anything they want,
> > > including poisoning your detection mechanisms.
>
> Or just type:
>
>    # iptables -P INPUT ACCEPT
>    # iptables -P OUTPUT ACCEPT
>    # iptables -P FORWARD ACCEPT
>    # iptables -F
>
> as root to flush your IPTables script!
>
> Regards - Keith Roberts
>
>
>

How can i put the above commands at the boot time.

I put iptables command in the boot.local but nothing happened.



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here