Friday 11 May 2012

Using IP Tables in Linux to Secure Yourself

Getting Invisible in LAN 



# iptables -A INPUT -p icmp -j DROP


Restricting by MAC address


# iptables -A INPUT -m mac --mac-source XX:XX:XX:XX:XX:XX -j DROP

This drops every packet that arrives at your Linux machine from the source with the given MAC address.

Routing packets from external sources to specific ports on specific internal machines


# iptables -t nat -A PREROUTING -i WLAN_INTERFACE -p tcp --dport PORTNUMBERS -j DNAT --to-destination DESTINATION_IP

When you need to route packets from external sources to specific ports on specific internal machines, this is what you want to do. This rule takes advantage of network address translation to route packets properly.

Rule to block furtive port scanning


# iptables -N port-scan
# iptables -A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
# iptables -A port-scan -j DROP

Note: No scanner can scan you on a LAN if you have applied these rules. Not even Nmap can scan you.
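
The three commands above create and fill the `port-scan` chain but include no rule that jumps to it, and netfilter only traverses a user-defined chain when some rule names it as a target. The check below is an added example, not part of the original post: it reads `iptables-save` output and lists user-defined chains that nothing references. Both sample rulesets are constructed, and the jump rule in the second one is an assumption.

```shell
#!/bin/sh
# Added example: list user-defined chains that no rule jumps to.
# Reads iptables-save text on stdin, prints one "table:chain" per inert chain.
unreferenced_chains() {
    awk '
        /^\*/ { table = substr($0, 2); next }      # "*filter" starts a table
        /^:/  { if ($2 == "-")                      # policy "-" marks a user-defined chain
                    user[table ":" substr($1, 2)] = 1
                next }
        /^-A/ { for (i = 3; i < NF; i++)            # record every -j / -g target
                    if ($i == "-j" || $i == "-g")
                        ref[table ":" $(i + 1)] = 1 }
        END   { for (c in user) if (!(c in ref)) print c }
    ' | sort
}

# Constructed sample: the ICMP rule and port-scan chain from this page,
# written the way iptables-save would normalise them.
page_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:port-scan - [0:0]
-A INPUT -p icmp -j DROP
-A port-scan -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j RETURN
-A port-scan -j DROP
COMMIT
EOF
}

# Constructed sample: same ruleset plus a hypothetical jump from INPUT that
# hands only RST packets to the chain (an assumption, not a rule from the page).
hooked_rules() {
    page_rules | awk '/^COMMIT$/ {
        print "-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -j port-scan" }
        { print }'
}

printf 'as on the page: %s\n' "$(page_rules | unreferenced_chains)"
printf 'with a jump:    %s\n' "$(hooked_rules | unreferenced_chains)"
```

On a live host, run `iptables-save | unreferenced_chains` as root to audit the loaded ruleset.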

Thanks, guys. Stay protected.
