View Single Post
  #3  
Old 31st December 2008, 09:56
v2k v2k is offline
Member
 
Join Date: Sep 2007
Location: Vancouver, Canada
Posts: 93
Thanks: 3
Thanked 1 Time in 1 Post
Default

These iptables look totally foreign to me aside from opening port 22 and 80, have I been hacked? Or is this normal... 224.0.0.251 means nothing to me.

Code:
]$ sudo cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT
Reply With Quote