[SATLUG] IPTABLES help
Ed Coates
edcoates at gmail.com
Sun Mar 18 18:30:56 CDT 2007
On 3/18/07, tom weeks <tweeksjunk2 at theweeks.org> wrote:
> >
> > #
> > # Start IP Forwarding
> > #
> > echo "1" > /proc/sys/net/ipv4/ip_forward
>
>
> You don't want to engage forwarding between your NICs until after you have
> your final REJECT/DROPs rules in place and active. Otherwise you're whole
> network could be vulnerable to attack while the rest of your script executes
> and your system finishes booting.. which can sometimes create a significant
> attack window. Especially if the attacker can get your firewall to crash or
> reboot.
>
> Tweeks
>
Tom,
Thanks, I'll keep that in mind when I start modifying the script. Any
idea on blocking my kids' computer from the net?
Ed
More information about the SATLUG
mailing list