Posted on 2006-11-16
Hi, I need to apply the following rules on my Fedora Core 5 box.
I am an apprentice at this computer company and my head IT guy has told me to do the following. And I am not comfortable with it at all.
Blacklist (drop packets from) any host that performs a port scan
Blacklist any host that attempts to use an illegal HTTP method (such as PUT or DELETE)
Limit packets to any one host to a maximum of 10% of the available bandwidth
Log information about any host which transfers more than 100 kb in one connection (do not block the transfer)
Permit ssh connections only from the local network in the day, and only from hosts not on the local network at night and on weekends
Fingerprint and log the machine type of any host sending a packet to a port on which we are not running a service
Prevent the MySQL server from sending any packets to the network on any port
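
Three of the requirements listed above (the time-based SSH rule, the 100 kb logging rule and the MySQL egress block) map onto stock netfilter matches; the added example below, which is not part of the original post, prints them as an iptables-restore fragment. The LAN range, the definition of "day", the mysql account name and reading 100 kb as 102400 bytes are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions (none are stated there):
#   LAN is 192.168.1.0/24, "day" means Mon-Fri 08:00-18:00 local time,
#   mysqld runs as the Unix user "mysql", and "100 kb" means 102400 bytes.

# Print an iptables-restore fragment for the given LAN CIDR.
build_rules() {
    lan=$1
    # xt_time works in UTC unless --kerneltz is given.
    day="-m time --timestart 08:00 --timestop 18:00 --weekdays Mon,Tue,Wed,Thu,Fri --kerneltz"
    # Only new connections are matched, so a session opened in an allowed
    # window is not cut off when the window closes.
    ssh="-p tcp --dport 22 -m conntrack --ctstate NEW"
    cat <<EOF
*filter
# SSH, working hours: new connections from the LAN only.
-A INPUT $ssh $day -s $lan -j ACCEPT
-A INPUT $ssh $day -j DROP
# SSH, nights and weekends (the day rules above did not match): non-LAN only.
-A INPUT $ssh ! -s $lan -j ACCEPT
-A INPUT $ssh -j DROP
# Log, but do not block, connections that have moved more than 100 KiB.
# connbytes needs conntrack accounting: sysctl net.netfilter.nf_conntrack_acct=1
# The limit match is global and only keeps the log from flooding.
-A INPUT -m connbytes --connbytes 102400: --connbytes-dir both --connbytes-mode bytes -m limit --limit 6/minute -j LOG --log-prefix "over100k: "
# MySQL: drop everything the mysql user sends, except on loopback.
-A OUTPUT ! -o lo -m owner --uid-owner mysql -j DROP
COMMIT
EOF
}

build_rules "${LAN:-192.168.1.0/24}"
```

Pipe the output to iptables-restore --test to check the syntax before loading it with iptables-restore --noflush.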