• Login
  • Stats
  • Tools
  • Whois
  • Email Whois
  • Fingerprint
  • Logout
  • Contact
  • Lost Password
WebTracker.one
 
Login
Site Stats
Tools
Whois
Email Whois
Fingerprint
Logout
Contact
Lost Password
Please enable JavaScript to view this site.

Firewall Rules Against Bad TCP Settings

IPtables firewall rules - add protection against unusual (possibly malicious) TCP settings:

To add these rules, go to the command line and enter the following commands:

sudo iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
sudo iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
sudo iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
sudo iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK,URG -j DROP
sudo iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
sudo iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
sudo iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
sudo iptables -A INPUT -m state --state INVALID -j DROP
sudo iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP

Refer to Ask Ubuntu discussion.

Make the new rules permanent by running the following command:

sudo iptables-save

See the following cheatsheet for more information.

     * posted by Robert on Sun, Jun 30, 2024



Firewall Rules Against Bad TCP Settings

Reply 1:

As a test, I used Kali Linux Hping3 to launch a syn flood attack against my own website. The IPtables firewall rules proved effective. The syn flood attack failed miserably as shown by the screenshot below:

syn flood attack results

     * posted by Robert on Sun, Jun 30, 2024


Return to Weblog Home



Site built and hosted by RJdesign.one