From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from ip-206-123-194-16.static.fasttrackcomm.net ([206.123.194.16] helo=tysdomain.com) by speech.braille.uwo.ca with esmtp (Exim 3.36 #1 (Debian)) id 1Hpnhl-0005N0-00 for ; Sun, 20 May 2007 11:52:21 -0400 Received: from [192.168.1.101] (helo=GRANDMA) by tysdomain.com with smtp (Exim 3.36 #1 (Debian)) id 1Hphql-000113-00 for ; Sun, 20 May 2007 03:37:15 -0600 Message-ID: <000f01c79af4$9917f3d0$6501a8c0@GRANDMA> From: "Littlefield, Tyler" To: "Speakup is a screen review system for Linux." Subject: security precautionswith iptables? Date: Sun, 20 May 2007 09:34:43 -0600 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Antivirus: avast! (VPS 000741-4, 05/18/2007), Outbound message X-Antivirus-Status: Clean Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.9 X-BeenThere: speakup@braille.uwo.ca X-Mailman-Version: 2.1.9 Precedence: list Reply-To: "Speakup is a screen review system for Linux." List-Id: "Speakup is a screen review system for Linux." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 May 2007 15:52:21 -0000 Hello list, I've been told to block ping requests with iptables. I made the = following rule: iptables -A INPUT -p icmp --icmp-type echo-request -j DROP The only problem with this, is it drops all pings incoming as well, = which causes a slight problem. Any way around this? Also, is there anything else that can be done in order to make the = system more secure? I was told to block fragmented packets. I know what = they are, but don't know enough about tcp in order to be able to do much = with them. Help is appriciated. Thanks,