Comments on: Iptables for Blogger http://nullmind.com/2005/10/10/iptables-for-blogger/ Just another worthless blog Fri, 30 Dec 2011 19:13:09 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: nullmind http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-616 nullmind Fri, 21 Oct 2005 16:01:42 +0000 http://nullmind.com/?p=148#comment-616 Unfortunately, yes ... http://help.blogger.com/default/bin/answer.py?answer=105&query=firewall&topic=0&type=f The proble is that their FTP publishing uses PASV (Passive) mode, but you can allways try this aproach instead if you using iptables http://nullmind.com/2005/04/27/iptables-w-proftpd/ Unfortunately, yes …

http://help.blogger.com/default/bin/answer.py?answer=105&query=firewall&topic=0&type=f

The proble is that their FTP publishing uses PASV (Passive) mode, but you can allways try this aproach instead if you using iptables

http://nullmind.com/2005/04/27/iptables-w-proftpd/

]]> By: Andrew Suares http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-615 Andrew Suares Fri, 21 Oct 2005 15:51:20 +0000 http://nullmind.com/?p=148#comment-615 I was wondering, is it necessary to open a range of ports? I was wondering, is it necessary to open a range of ports?

]]> By: nullmind http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-614 nullmind Mon, 17 Oct 2005 11:22:04 +0000 http://nullmind.com/?p=148#comment-614 yes .. but you assumign 2 things 1 - there are no other security measures in place 2 - that I gave a server IP were those rules are set (no, they not set on THIS server ;) ) becides, a smart hacker knows those ports need to be open for blogger to publish, so they can just look for any blogger site and try to spoof that IP .. thats why additional security measures need to be taken, stuff like hardened php, mod_security, latest OpenSSH etc .. all part of keeping a server secured .. one can never just rely on the firewall. yes .. but you assumign 2 things

1 – there are no other security measures in place

2 – that I gave a server IP were those rules are set (no, they not set on THIS server ;) )

becides, a smart hacker knows those ports need to be open for blogger to publish, so they can just look for any blogger site and try to spoof that IP .. thats why additional security measures need to be taken, stuff like hardened php, mod_security, latest OpenSSH etc .. all part of keeping a server secured .. one can never just rely on the firewall.

]]> By: polarizer http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-613 polarizer Mon, 17 Oct 2005 10:30:31 +0000 http://nullmind.com/?p=148#comment-613 Since it is public now because of your blog, one can spoof the ip with ease :O) Since it is public now because of your blog, one can spoof the ip with ease :O)

]]> By: nullmind http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-612 nullmind Mon, 17 Oct 2005 09:45:26 +0000 http://nullmind.com/?p=148#comment-612 it will alloww only those two ip's to connect to any port on that range .. so unless blogger attacks you, you shoudl be ok :) it will alloww only those two ip’s to connect to any port on that range .. so unless blogger attacks you, you shoudl be ok :)

]]> By: polarizer http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-611 polarizer Mon, 17 Oct 2005 09:35:16 +0000 http://nullmind.com/?p=148#comment-611 Ahh! I misunderstood your term "post". Under this new point of view i think your rules a too generous, because it is allowed to connect to every port 0-1024, not only ftp pasv (tcp,21). Check this[1] out for detailled instructions. [1] http://slacksite.com/other/ftp.html#passive polarizers 2cent http://www.codixx.de/polarizer.html Ahh! I misunderstood your term “post”. Under this new point of view i think your rules a too generous, because it is allowed to connect to every port 0-1024, not only ftp pasv (tcp,21).

Check this[1] out for detailled instructions.

[1] http://slacksite.com/other/ftp.html#passive

polarizers 2cent
http://www.codixx.de/polarizer.html

]]> By: polarizer http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-610 polarizer Mon, 17 Oct 2005 09:33:48 +0000 http://nullmind.com/?p=148#comment-610 Ahh! I misunderstood your term "post". Under this new point of view i think your rules a too generous, because it is allowed to connect to every port Ahh! I misunderstood your term “post”. Under this new point of view i think your rules a too generous, because it is allowed to connect to every port

]]> By: nullmind http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-618 nullmind Tue, 11 Oct 2005 18:18:16 +0000 http://nullmind.com/?p=148#comment-618 these 2 rules will allow outbound port range 1024 to 65535 to be open for the ip's 66.102.15.83 216.34.7.186 Wich are the blogger publishing ip's .. this allows their FTP to login in PASV move .. PASV mode will open ports back on the range mentioned above. these 2 rules will allow outbound port range 1024 to 65535 to be open for the ip’s

66.102.15.83
216.34.7.186

Wich are the blogger publishing ip’s .. this allows their FTP to login in PASV move .. PASV mode will open ports back on the range mentioned above.

]]> By: polarizer http://nullmind.com/2005/10/10/iptables-for-blogger/comment-page-1/#comment-617 polarizer Tue, 11 Oct 2005 07:43:40 +0000 http://nullmind.com/?p=148#comment-617 I do not unterstand, how this should work. As i assume your standard policy is DENY for your iptables chains. But in what way this 2 rules will affect your intention? the polarizer I do not unterstand, how this should work. As i assume your standard policy is DENY for your iptables chains. But in what way this 2 rules will affect your intention?

the polarizer

]]>