  1. #1
    Just Joined!
    Join Date
    Mar 2004
    Location
    Ireland
    Posts
    6

    IPTABLES Remote User Question


    Hi, currently I'm using a RedHat 7.2 Iptables Firewall securing my network on an ADSL broadband connection. The firewall is of course stripped down to refuse any incoming connections. The problem I have is that I want a remote user to be able to come onto my network through my firewall (I've arranged a static ADSL address). What is the best way to go about this, bearing in mind that I also still want my network to be secure (i.e. how do I verify that the user coming into my network is an authorised user with permissions to access my network resources?)

    Any help would be appreciated.

  2. #2
    Linux Newbie
    Join Date
    Jan 2004
    Location
    Belgrade, S&M
    Posts
    177
    I didn't understand you completely: do YOU (the firewall) have a static IP or does the remote user have it? Or do you both have it? If the remote user has a static IP, then just add a rule in iptables on top of all others giving access to that IP, like:
    iptables -I INPUT 1 -s 200.200.200.200 -j ACCEPT or something like that
    On the other hand, if the remote user has a dynamic IP address, sorry, I am not sure which is the best way to do it.


  3. #3
    Just Joined!
    Join Date
    Mar 2004
    Location
    Ireland
    Posts
    6
    Thanks. The firewall has a static IP address, the user does not. So if ya think of any way.....?

  5. #4
    Just Joined!
    Join Date
    Apr 2004
    Posts
    3
    Try to use ipchains for the above solution.

  6. #5
    Just Joined!
    Join Date
    Mar 2004
    Location
    Ireland
    Posts
    6
    I can use ipchains, but what way should I go about configuration?

  7. #6
    Linux Engineer
    Join Date
    Nov 2002
    Location
    Queens, NY
    Posts
    1,319
    Why ipchains? Ipchains doesn't support stateful packet inspection. Stick with iptables. If you do use stateful packet inspection, make sure you have the rules of the iptables in order to accept incoming connections first and then start rejecting other connections afterwards.

    For your other question, I'd suggest running an OpenSSH server and possibly changing the port number to a higher one (above 1024). This way, even if people constantly try port 22 (default SSH port), they won't see anything. Also, you probably already have a good idea about this but make sure he/she has a strong password.
    The best things in life are free.
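
The rule ordering described in post #6 (stateful accepts first, SSH on a non-default port, rejects last), as an added example that is not part of the thread. Port 2222, the function names and the simplified first-match checker are assumptions made for illustration, and the rules are assumed to be the whole INPUT chain.

```sh
#!/bin/sh
# Added example. SSH_PORT is an assumed value; sshd must listen on the same port.
SSH_PORT=2222

# Print the INPUT rules in evaluation order: accepts first, catch-all REJECT last.
# Assumes these are the whole INPUT chain; to apply, pipe the output to sh as root.
input_rules() {
    cat <<EOF
iptables -F INPUT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport $1 -m state --state NEW -j ACCEPT
iptables -A INPUT -j REJECT
EOF
}

# What goes wrong when the ACCEPT is appended to a chain that already ends in
# REJECT: the SSH rule is never reached.
misordered_rules() {
    echo "iptables -A INPUT -j REJECT"
    echo "iptables -A INPUT -p tcp --dport $1 -m state --state NEW -j ACCEPT"
}

# Simplified first-match model, covering only the rule forms printed above.
# Reads rules on stdin and prints the target that a NEW TCP connection from
# the Internet to port $1 would hit.
verdict_for() {
    awk -v port="$1" '
        $2 != "-A" { next }                        # not an appended rule
        / -i lo / { next }                         # remote packet, not loopback
        / --state ESTABLISHED,RELATED / { next }   # new connection, no match
        {
            dport = ""
            for (i = 1; i < NF; i++) if ($i == "--dport") dport = $(i + 1)
            if (dport != "" && dport != port) next
            print $NF; found = 1; exit
        }
        END { if (!found) print "POLICY" }
    '
}

input_rules "$SSH_PORT"
echo "# new connection to $SSH_PORT: $(input_rules "$SSH_PORT" | verdict_for "$SSH_PORT")"
echo "# new connection to 22: $(input_rules "$SSH_PORT" | verdict_for 22)"
echo "# misordered, to $SSH_PORT: $(misordered_rules "$SSH_PORT" | verdict_for "$SSH_PORT")"
```

Running the script only prints the rules and the modelled verdicts; nothing is changed on the host until the printed rules are piped to a root shell.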
