Hi,
What is the best method to protect a RedHat Linux box against attack while running a SER server.
What is the impact of using iptables filtering on SER ? Any advices ?
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.674 / Virus Database: 436 - Release Date: 02/05/2004
On May 11, 2004 at 16:28, Olivier olivier@siteboulevard.com wrote:
Hi,
What is the best method to protect a RedHat Linux box against attack while running a SER server.
What is the impact of using iptables filtering on SER ? Any advices ?
Use only udp and filter everything you want. Just make sure you allow udp port 5060 (or wahtever port you are running ser on). All udp messages sent by ser will haver source port==5060, and all incoming udp should have dest. port == 5060.
tcp is more complicated to filter. You could allow incoming connections only on 5060, but you can't filter outgoing traffic (the source port is dynamically allocated). Also the source ip of the tcp connections initiated by ser depends on the routing table on multihomed host.
Andrei
-
Andrei Pelinescu-Onciul -
Olivier