Com as invas\u00f5es de PCs, m\u00e1quinas zumbis e outras coisas que podem ser um inc\u00f4modo (principalmente quando se trata de um servidor), medidas de seguran\u00e7a nunca s\u00e3o demais.<\/p>\n
Hoje, eu vou mostrar um simples script que criei para o\u00a0IPtables<\/em>. Eu fiz isso no\u00a0Slackware 14.0<\/em>, mas voc\u00ea poder\u00e1 tamb\u00e9m executar este script em outra distribui\u00e7\u00e3o.<\/p>\n Bloqueando portas de entrada:<\/p>\n iptables -A INPUT -p icmp –icmp-type echo-request -j DROP A op\u00e7\u00e3o\u00a0-A INPUT<\/span>\u00a0diz que o Firewall dever\u00e1 bloquear todas as portas de entradas que forem definidas. Nesse caso, eu resolvi criar um script que possa ser usado tanto em computadores dom\u00e9sticos, quanto em servidores.<\/p>\n Podem ver, que eu bloqueei tamb\u00e9m a porta do X e a porta padr\u00e3o do NetBus. Pois fiquei sabendo de patches para\u00a0GNU\/Linux. Nenhum sistema operacional \u00e9 100% seguro, tanto que, at\u00e9 o\u00a0Android<\/em>\u00a0da Google tamb\u00e9m \u00e9 infectado.<\/p>\n A op\u00e7\u00e3o\u00a0-p<\/span>\u00a0indica o protocolo. Voc\u00ea pode usar\u00a0TCP<\/span>\u00a0ou\u00a0UDP<\/span>.<\/p>\n J\u00e1 a\u00a0–destination-port<\/span>\u00a0indica a porta de destino. Ou seja, qual servi\u00e7o deve ser bloqueado ou liberado pelo IPtables. A op\u00e7\u00e3o\u00a0-j DROP<\/span>\u00a0indica que a porta ser\u00e1 bloqueada. Deve ser definida logo ap\u00f3s a porta destino.<\/p>\n","protected":false},"excerpt":{"rendered":" Com as invas\u00f5es de PCs, m\u00e1quinas zumbis e outras coisas que podem ser um inc\u00f4modo (principalmente quando se trata de um servidor), medidas de seguran\u00e7a nunca s\u00e3o demais. Hoje, eu vou mostrar um simples script que criei para o\u00a0IPtables. Eu fiz isso no\u00a0Slackware 14.0, mas voc\u00ea poder\u00e1 tamb\u00e9m executar este script em outra distribui\u00e7\u00e3o. Bloqueando […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[730,1,830,79,42,51,495,68,271,548],"tags":[1157,349,117,148],"class_list":["post-4926","post","type-post","status-publish","format-standard","hentry","category-clusterweb","category-viazap","category-debian","category-firewall","category-leitura-recomendada","category-linux-linuxrs","category-profissional-de-ti","category-redes-2","category-seguranca-2","category-ubuntu-2","tag-bloqueando","tag-com","tag-iptables","tag-portas"],"_links":{"self":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/4926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4926"}],"version-history":[{"count":1,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/4926\/revisions"}],"predecessor-version":[{"id":4927,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/4926\/revisions\/4927"}],"wp:attachment":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n#Iptables configura\u00e7\u00e3o.
\n#Script criado por Pangas<\/span><\/p>\n
\niptables -A INPUT -p tcp –destination-port 80 -j DROP
\niptables -A INPUT -p tcp –destination-port 443 -j DROP
\niptables -A INPUT -p tcp –destination-port 22 -j DROP
\niptables -A INPUT -p tcp –destination-port 1234 -j DROP
\niptables -A INPUT -p tcp –destination-port 21 -j DROP
\niptables -A INPUT -p tcp –destination-port 12345 -j DROP
\niptables -A INPUT -p tcp –destination-port 20 -j DROP<\/p><\/div>\n