[ale] Another Ipchains question

Transam transam at cavu.com
Thu Jan 24 19:55:08 EST 2002


> I think I have it.  Here is my command line to disable incoming telnet
> requests to the server that this command is run on

> /sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 23 -d 192.168.2.231/0 23 -j DENY

The following works if your system's IP is anything (since you specified /0
meaning 0 bits of the address need to match).  It is misleading though.

/sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 -d 192.168.2.231/0 23 -j DENY

Any of the following (and various permutations) are common.  The ones closest
to the top are the clearest (IMO):

/sbin/ipchains -A input -i eth0 -p tcp --dport 23 -j DENY
/sbin/ipchains -A input -i eth0 -p tcp -s 0/0 --dport 23 -j DENY
/sbin/ipchains -A input -i eth0 -p tcp -s 0/0 -d 0/0 23 -j DENY
/sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 -d 0/0 23 -j DENY

Bob Toxen
transam at cavu.com                       [Bob's ALE Bulk email]
bob at cavu.com                           [Please use for email to me]
http://www.cavu.com                    [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com/ [My 5* book:"Real World Linux Security"]
http://www.cavu.com/sunset.html        [Sunset Computer]
Fly-By-Day Consulting, Inc.      "Don't go with a fly-by-night outfit!"
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.
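
The difference between the rules above can be checked with a small model, added here as an example that is not part of the original message. It is a simplified stand-in for ipchains matching that parses only `-s`, `-d` and `--dport`; the sample packets are constructed. It shows that a port written after the `-s` address is a source-port match, which a telnet client's ephemeral port does not satisfy, and that `/0` on the destination matches any host.

```python
import ipaddress
import shlex

def network(spec):
    """Turn 'addr/bits' into a network; '0/0' shorthand expands to 0.0.0.0/0."""
    addr, _, bits = spec.partition("/")
    addr = ".".join((addr.split(".") + ["0"] * 3)[:4])
    return ipaddress.ip_network(f"{addr}/{bits or 32}", strict=False)

def parse_rule(cmd):
    """Parse only the options used in this thread (-s, -d, --dport)."""
    tok = shlex.split(cmd)
    rule = {"src": "0/0", "sport": None, "dst": "0/0", "dport": None}
    i = 0
    while i < len(tok):
        if tok[i] in ("-s", "-d"):
            side = "src" if tok[i] == "-s" else "dst"
            rule[side] = tok[i + 1]
            # A bare number after the address is that side's port.
            if i + 2 < len(tok) and tok[i + 2].isdigit():
                rule[side[0] + "port"] = int(tok[i + 2])
                i += 1
            i += 1
        elif tok[i] == "--dport":
            rule["dport"] = int(tok[i + 1])
            i += 1
        i += 1
    return rule

def matches(rule, pkt):
    """pkt is (src_ip, src_port, dst_ip, dst_port)."""
    src, sport, dst, dport = pkt
    return (ipaddress.ip_address(src) in network(rule["src"])
            and ipaddress.ip_address(dst) in network(rule["dst"])
            and rule["sport"] in (None, sport)
            and rule["dport"] in (None, dport))

# Rules copied from the thread.
ORIGINAL = "/sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 23 -d 192.168.2.231/0 23 -j DENY"
CORRECTED = "/sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 -d 192.168.2.231/0 23 -j DENY"
# Constructed sample packets: a telnet client uses an ephemeral source port.
TO_SERVER = ("10.1.1.5", 40312, "192.168.2.231", 23)
TO_OTHER = ("10.1.1.5", 40312, "192.168.2.50", 23)

if __name__ == "__main__":
    for name, cmd in (("original", ORIGINAL), ("corrected", CORRECTED)):
        r = parse_rule(cmd)
        print(name, matches(r, TO_SERVER), matches(r, TO_OTHER))
```

Changing the destination mask to `/32` in the model makes the rule match only 192.168.2.231.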





