{"id":1963,"date":"2015-05-11T16:05:51","date_gmt":"2015-05-12T00:05:51","guid":{"rendered":"https:\/\/www.eskimo.com\/~nanook\/nook\/?p=1963"},"modified":"2015-05-11T16:05:51","modified_gmt":"2015-05-12T00:05:51","slug":"firewall-rules","status":"publish","type":"post","link":"https:\/\/www.eskimo.com\/~nanook\/2015\/05\/11\/firewall-rules\/","title":{"rendered":"Firewall Rules"},"content":{"rendered":"<p><span style=\"font-family: trebuchet ms,geneva,sans-serif; font-size: 10pt; color: #000080;\">\u00a0\u00a0\u00a0\u00a0 I am still adjusting firewall rules to minimize the information available to a potential attacker both in terms of choosing targets and determining the effectiveness of an attack.\u00a0 I am having some problems trying to sort out why only allowing ssh and icmp through to certain hosts results in a password failure.\u00a0 I attempting to avoid disrupting legitimate traffic but some experimentation is needed to determine what is going on.<\/span><\/p>\n<p><span style=\"font-family: trebuchet ms,geneva,sans-serif; font-size: 10pt;\">\u00a0\u00a0\u00a0\u00a0 <span style=\"color: #800000;\">I had intended to post this to<\/span> <a href=\"https:\/\/www.eskimo.com\/news\/\">Eskimo North News<\/a><span style=\"color: #800000;\">.\u00a0 Since it is already posted here I&#8217;ll leave it since there will be references from other social media.<\/span><\/span><\/p>\n<p><span style=\"color: #000080; font-family: trebuchet ms,geneva,sans-serif; font-size: 10pt;\">\u00a0\u00a0\u00a0\u00a0 I have since discovered what was causing password failures.\u00a0 I had neglected to allow DNS packets so Iglulik&#8217;s TCP wrappers could not identify the originating host and determined if it was allowed to connect.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u00a0\u00a0\u00a0\u00a0 I am still adjusting firewall rules to minimize the information available to a potential attacker both in terms of choosing targets and determining the effectiveness of an attack.\u00a0 I am having some problems trying to sort out why only &hellip; <a href=\"https:\/\/www.eskimo.com\/~nanook\/2015\/05\/11\/firewall-rules\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1963","post","type-post","status-publish","format-standard","hentry","category-uncategorized","wpautop"],"_links":{"self":[{"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/posts\/1963","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/comments?post=1963"}],"version-history":[{"count":0,"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/posts\/1963\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/media?parent=1963"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/categories?post=1963"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.eskimo.com\/~nanook\/wp-json\/wp\/v2\/tags?post=1963"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}