1 |
On Saturday 08 December 2007, Andrey Falko wrote: |
2 |
> On Dec 8, 2007 8:35 AM, Grant <emailgrant@×××××.com> wrote: |
3 |
> > I have shorewall set up on my router but I haven't set up anything |
4 |
> > security-wise for my laptop which normally sits behind the router. |
5 |
> > What should I be setting up on the laptop in preparation for traveling |
6 |
> > and connecting via a foreign network or even directly to the Internet? |
7 |
> > I don't run sshd on the laptop. I would think shorewall, but am I |
8 |
> > forgetting anything? |
9 |
> |
10 |
> At the very least I'd do the following with iptables: |
11 |
> |
12 |
> iptables -P INPUT DROP |
13 |
> iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT |
14 |
> iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT |
15 |
|
16 |
This line is only needed if you want to forward packets to another |
17 |
iface/device (i.e. when your laptop is acting as a router and the input |
18 |
interface is eth0). |
19 |
-- |
20 |
Regards, |
21 |
Mick |