Installing and Administering PPP

Security Techniques
Open Policy Filter Example
!127.0.0.0/8 # block IP spoofing attacks
!dstport=ident/recv/unreach=rst # block IDENT service (113/tcp)
!chargen/unreach=prohibited # block chargen service
# (19/tcp,19/udp)
!discard/unreach=prohibited # block discard service
# (9/tcp,9/udp)
!echo/unreach=prohibited # block echo service
# (7/tcp,7/udp)
!5/icmp # block ICMP_REDIRECT
!sunrpc # block portmap (sunrpc
# 111/tcp,111/udp)
!exec # block rexecd (512/tcp)
!login # block rlogind (513/tcp)
!shell # block rshd (514/tcp)
!syslog # block syslogd (514/udp)
!printer # block lpd (515/tcp)
!2049/udp # block nfsd (2049/udp)
!tftp # block tftp (69/udp)
all # permit all other packets
keepup
!send # outbound traffic
!3/icmp # ICMP unreachable messages
!5/icmp # ICMP redirect messages
!11/icmp # ICMP time exceeded messages
!who # WHO protocol
!route # routed/gated RIP protocol
!ntp # Network Time Protocol
all # all other packets
log
rejected # packets rejected by
# packet filter
!all # block all other packets