- > Oct 30 17:32:24 IPTables Dropped: IN=eth0 OUT=
- > MAC=04:01:2b:bd:b0:01:4c:96:14:ff:df:f0:08:00 SRC=62.210.94.116
- > DST=128.199.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=45212
- > PROTO=TCP SPT=51266 DPT=5900 WINDOW=1024 RES=0x00 SYN URGP=0
- >
- > Oct 30 17:29:57 Debian kernel: [231590.140175] IPTables Dropped:
- > IN=eth0 OUT= MAC=04:01:2b:bd:b0:01:4c:96:14:ff:ff:f0:08:00
- > SRC=69.30.240.90 DST=128.199.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=245
- > ID=12842 DF PROTO=TCP SPT=18534 DPT=8061 WINDOW=512 RES=0x00 SYN
- > URGP=0
- # Drop bogus TCP packets
- iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
- iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
- # --- Common Attacks: Null packets, XMAS Packets and Syn-Flood Attack ---
- iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
- iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
- iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
- [Definition]
- # The offending address is in the SRC= field of the log entry, not at the start of the line
- failregex = IPTables Dropped:.*SRC=<HOST> .*SYN URGP=0
- ignoreregex =
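An offline check for log entries shaped like the samples above, comparing a failregex that expects the address at the start of the line with one keyed on the SRC= field. This is an added example, not part of the paste: the `<HOST>` expansion is a simplified IPv4-only stand-in for fail2ban's own, the timestamp stripping is approximated, and the sample lines are constructed (the first two from the entries above with the wrapped fields rejoined, the third invented).

```python
import re

# Assumption: simplified IPv4-only stand-in for fail2ban's <HOST> tag
# (the real expansion also covers IPv6 and hostnames).
HOST = r"(?P<host>(?:\d{1,3}\.){3}\d{1,3})"
# Approximation of fail2ban removing the syslog timestamp before matching.
DATE = re.compile(r"^[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}\s*")

ANCHORED = r"^<HOST> -.*IPTables Dropped:.*SYN URGP=0"      # address expected first
SRC_KEYED = r"IPTables Dropped:.*SRC=<HOST> .*SYN URGP=0"   # address taken from SRC=

# Constructed sample input: two SYN drops and one non-SYN drop.
SAMPLE = [
    "Oct 30 17:32:24 IPTables Dropped: IN=eth0 OUT= "
    "MAC=04:01:2b:bd:b0:01:4c:96:14:ff:df:f0:08:00 SRC=62.210.94.116 "
    "DST=128.199.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=45212 "
    "PROTO=TCP SPT=51266 DPT=5900 WINDOW=1024 RES=0x00 SYN URGP=0",
    "Oct 30 17:29:57 Debian kernel: [231590.140175] IPTables Dropped: "
    "IN=eth0 OUT= MAC=04:01:2b:bd:b0:01:4c:96:14:ff:ff:f0:08:00 "
    "SRC=69.30.240.90 DST=128.199.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=245 "
    "ID=12842 DF PROTO=TCP SPT=18534 DPT=8061 WINDOW=512 RES=0x00 SYN URGP=0",
    "Oct 30 17:40:02 Debian kernel: [232195.000000] IPTables Dropped: "
    "IN=eth0 OUT= SRC=203.0.113.7 DST=128.199.xxx.xxx LEN=40 TTL=52 ID=0 "
    "PROTO=TCP SPT=443 DPT=40122 WINDOW=0 RES=0x00 ACK FIN URGP=0",
]

def compile_failregex(pattern):
    """Expand the <HOST> tag and compile the pattern."""
    return re.compile(pattern.replace("<HOST>", HOST))

def offenders(lines, pattern):
    """Return the captured address of every line the failregex matches."""
    rx = compile_failregex(pattern)
    hits = []
    for line in lines:
        m = rx.search(DATE.sub("", line))  # match on the line minus its timestamp
        if m:
            hits.append(m.group("host"))
    return hits

if __name__ == "__main__":
    for name, pattern in (("anchored", ANCHORED), ("SRC-keyed", SRC_KEYED)):
        print(name, offenders(SAMPLE, pattern))
```

On a host with fail2ban installed, `fail2ban-regex <logfile> <filter file>` runs the same comparison with the real tag expansion.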