Linux Archive

Linux Archive (
-   CentOS (
-   -   Hacking Issue (

"Jennifer Botten" 09-26-2011 11:02 AM

Hacking Issue


I am having an issue with someone accessing our server via a
SIP/VOIP connection. I have changed my iptables rules to drop all UDP traffic
from and too this IP address, but this traffic seems to still run through my
server. These are the iptables rules that I current have on the server.

-A INPUT -i eth0 -s -p udp -j DROP

-A INPUT -i eth0 -d -p udp -j DROP





Jennifer Botten





CentOS mailing list

Jorge Fábregas 09-26-2011 11:08 AM

Hacking Issue
On 09/26/2011 07:02 AM, Jennifer Botten wrote:
> -A INPUT -i eth0 -d -p udp -j DROP

This needs to be:

-A OUTPUT -i eth0 -d -p udp -j DROP

...if you want to drop packets initiated from your system to that
ip...which doesn't make any sense if you're dropping all the incoming
connection from that ip.

On why are you still getting packets from that ip... perhaps there's
also TCP traffic? If you want to completely drop packets from that ip
simply remove the protocol argument like this:

-A INPUT -i eth0 -s -j DROP

CentOS mailing list

All times are GMT. The time now is 07:10 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.