The figure below calls out
- The netfilter hooks
- The order of table traversal
Vladimir Chernyshev it-engineer-pro
🎯
it-engineer-pro
/ iptables-cheatsheet.md
Created
June 12, 2024 21:28
— forked from egernst/iptables-cheatsheet.md
iptables-cheatsheet
it-engineer-pro
/ README.md
Created
February 12, 2024 00:13
— forked from magnetikonline/README.md
BIND - delegate a sub domain for a zone.
it-engineer-pro
/ update_root_hints.sh
Last active
May 30, 2024 20:58
— forked from lyjacky11/update_root_hints.sh
Update root.hints file for Pi-Hole Unbound Service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # wget -nv -O named.root https://www.internic.net/domain/named.root | |
| echo "[i] Backing up root.hints ..." | |
| cd /var/lib/unbound | |
| sudo cp root.hints $(date +%F).root.hints | |
| if [ -s $(date +%F).root.hints ] | |
| then | |
| echo "[✓] Backup root.hints success!" | |
| echo "" |
Iptables(8) TARPIT is a useful security mechanism that can slow down or stop attacks on a network. If everyone used TARPIT to block attackers, in theory their resources would be exhausted as their connection attempts would be delayed, which would discouraged people from attempting unauthorized access. Here's a brief description of how TARPIT works:
To achieve this tar pit state, iptables accepts the incoming TCP/IP connection and then switches to a zero-byte window. This forces the attacker's system to stop sending data, rather like the effect of pressing Ctrl-S on a terminal. Any attempts by the attacker to close the connection are ignored, so the connection remains active and typically times out after only 12–24 minutes. This consumes resources on the attacker's system but not
lyjacky11
/ update_root_hints.sh
Created
August 20, 2022 19:26
Update root.hints file for Pi-Hole Unbound Service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "[i] Backing up root.hints ..." | |
| cd /var/lib/unbound | |
| sudo cp root.hints $(date +%F).root.hints | |
| if [ -s $(date +%F).root.hints ] | |
| then | |
| echo "[✓] Backup root.hints success!" | |
| echo "" |
egernst
/ iptables-cheatsheet.md
Last active
June 12, 2024 21:28
— forked from mcastelino/iptables-cheatsheet.md
iptables-cheatsheet
IPTables is the Firewall service that is available in a lot of different Linux Distributions. While modifiying it might seem daunting at first, this Cheat Sheet should be able to show you just how easy it is to use and how quickly you can be on your way mucking around with your firewall.
The following list is a great set of documentation for iptables. I used them to compile this documentation.
- How-To Geek: The Beginner’s Guide to iptables, the Linux Firewall: https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
- IPTables Essentials: Common Firewall Rules and COmmands https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
