Recipe 2.8 Blocking Access to a Remote Host
2.8.1 ProblemYou want to block outgoing traffic to a particular host. 2.8.2 SolutionTo block all access: For iptables: # iptables -A OUTPUT -d remote_IP_address -j REJECT For ipchains: # ipchains -A output -d remote_IP_address -j REJECT To block a particular service, such as a remote web site: For iptables: # iptables -A OUTPUT -p tcp -d remote_IP_address --dport www -j REJECT For ipchains: # ipchains -A output -p tcp -d remote_IP_address --dport www -j REJECT 2.8.3 DiscussionPerhaps you've discovered that a particular web site has malicious content on it, such as a trojan horse. This recipe will prevent all of your users from accessing that site. (We don't consider "redirector" web sites, such as http://www.anonymizer.com, which would get around this restriction.) 2.8.4 See Alsoiptables(8), ipchains(8). |
Linux Security Cookbook
ISBN: 0596003919
EAN: 2147483647
EAN: 2147483647
Year: 2006
Pages: 247
Pages: 247
- Chapter I e-Search: A Conceptual Framework of Online Consumer Behavior
- Chapter II Information Search on the Internet: A Causal Model
- Chapter IV How Consumers Think About Interactive Aspects of Web Advertising
- Chapter VIII Personalization Systems and Their Deployment as Web Site Interface Design Decisions
- Chapter XVII Internet Markets and E-Loyalty