| 1 |
On Saturday 08 December 2007, Andrey Falko wrote: |
| 2 |
> On Dec 8, 2007 8:35 AM, Grant <emailgrant@×××××.com> wrote: |
| 3 |
> > I have shorewall set up on my router but I haven't set up anything |
| 4 |
> > security-wise for my laptop which normally sits behind the router. |
| 5 |
> > What should I be setting up on the laptop in preparation for traveling |
| 6 |
> > and connecting via a foreign network or even directly to the Internet? |
| 7 |
> > I don't run sshd on the laptop. I would think shorewall, but am I |
| 8 |
> > forgetting anything? |
| 9 |
> |
| 10 |
> At the very least I'd do the following with iptables: |
| 11 |
> |
| 12 |
> iptables -P INPUT DROP |
| 13 |
> iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT |
| 14 |
> iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT |
| 15 |
|
| 16 |
This line is only needed if you want to forward packets to another |
| 17 |
iface/device (i.e. when your laptop is acting as a router and the input |
| 18 |
interface is eth0). |
| 19 |
-- |
| 20 |
Regards, |
| 21 |
Mick |
Archives