Welcome to another tutorial of "What the f*ck is Oracle doing to my machine without me asking for it?"
I will cover in this guide how to correctly setup your machine to get rid of the stupid Oracle's agent on your machine, and even pimp your machine a little bit. You can't say no to that! :D Anyhow, let's start right now!
When you create a machine, I HIGHLY recommend that you grab the SSH keys that Oracle gently ask you to also take. SSH keys are much more secure than passwords and you'll drastically avoid potential security issue with SSH. Oracle will automatically take care to refuse any password connection (Only allowing SSH keys connection) by then.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### 1: Drop invalid packets ### | |
/sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP | |
### 2: Drop TCP packets that are new and are not SYN ### | |
/sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP | |
### 3: Drop SYN packets with suspicious MSS value ### | |
/sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP | |
### 4: Block packets with bogus TCP flags ### |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!doctype html> | |
<title>Site Maintenance</title> | |
<style> | |
body { text-align: center; padding: 150px; } | |
h1 { font-size: 50px; } | |
body { font: 20px Helvetica, sans-serif; color: #333; } | |
article { display: block; text-align: left; width: 650px; margin: 0 auto; } | |
a { color: #dc8100; text-decoration: none; } | |
a:hover { color: #333; text-decoration: none; } | |
</style> |