29 Jun
2016
29 Jun
'16
1:11 p.m.
On 29/06/16 20:00, Leon Vergottini wrote:
# DEFAULT FIREWALL POLICY iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP
# ------------------------------------------------------ # INPUT CHAIN RULES # ------------------------------------------------------
# MOST COMMON ATTACKS iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
Why bother adding DROP rules if the default policy is DROP?