• What is iptables?
In short, iptables is a Linux-based packet-filtering firewall. Iptables interfaces with the
Linux netfilter module to filter network packets. It can be used to allow or deny
traffic, or to perform Network Address Translation (NAT). With careful
configuration, iptables can be a very cost-effective, powerful and flexible firewall or
gateway solution. Iptables is available from http://www.netfilter.org/ or via your Linux
distribution.
• Introduction
A basic rule of thumb is that you want to block all inbound traffic and then specify
which traffic you want to receive. Depending on the level of security needed, this policy
could also be applied to outgoing traffic. With iptables, you first set rules to allow the traffic
you want to get through the firewall, then set a rule to deny all other traffic.
Allow incoming TCP traffic on port 80 (HTTP) for the IP range 192.168.0.1 to
192.168.0.254:
iptables -A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
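The allow-first, deny-last order matters because a chain is evaluated top to bottom and the first matching ACCEPT or DROP ends the traversal. The script below is an added example, not part of the original slides: it audits text in the format printed by `iptables -S INPUT`. The helper name `audit_input_chain` and the three sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original slides): check that an INPUT chain
# follows the allow-first, deny-last ordering. Input is text in the format
# printed by `iptables -S INPUT`. All rulesets below are constructed samples.

# Correct order: the page's port-80 rule, then a catch-all DROP.
GOOD_RULES='-P INPUT ACCEPT
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP'

# Wrong order: the catch-all DROP was appended first, so the ACCEPT never matches.
BAD_RULES='-P INPUT ACCEPT
-A INPUT -j DROP
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j ACCEPT'

# No deny at all: policy ACCEPT and no catch-all, so everything gets through.
OPEN_RULES='-P INPUT ACCEPT
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j ACCEPT'

# audit_input_chain is a hypothetical helper name. It prints one verdict:
#   OK               rules end in a default deny (catch-all rule or DROP policy)
#   SHADOWED n       n rules sit after a catch-all deny and can never match
#   NO_DEFAULT_DENY  unmatched traffic falls through to an ACCEPT policy
audit_input_chain() {
    printf '%s\n' "$1" | awk '
        $1 == "-P" && $2 == "INPUT" { policy = $3; next }
        $1 == "-A" && $2 == "INPUT" {
            if (denied) shadowed++          # placed after a catch-all deny
            # "-A INPUT -j DROP|REJECT": no match options before -j
            if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) denied = 1
        }
        END {
            if (shadowed > 0)                     print "SHADOWED " shadowed
            else if (denied || policy == "DROP")  print "OK"
            else                                  print "NO_DEFAULT_DENY"
        }'
}

for name in GOOD_RULES BAD_RULES OPEN_RULES; do
    eval "rules=\$$name"
    printf '%-11s %s\n' "$name" "$(audit_input_chain "$rules")"
done
# On a live host (as root): audit_input_chain "$(iptables -S INPUT)"
```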
Typical Scanning Session
• The only open port is 80/tcp, which in this case is the web admin interface for the router. OS
fingerprinting guessed it was a Netgear Wireless Access Point; in fact this is a Netgear
(wired) ADSL router. As the scan output noted, though, there were insufficient responses for TCP
sequencing to accurately detect the OS.
THANK YOU
vkapoor@ietdavv.edu.in
vkapoor13@yahoo.com
09424566004 (M)