another newbie question...
Looking at hardening an already fairly hardened firewall, and trying to see if I can block port 113, or at least stop it from responding to outside ping requests... Whether this is successfull (or wise) - well at least I can reverse it if I have to.
I have the following script in my iprules file:
# allow ident
iptables -t nat -A PREROUTING -p tcp --dport 113 -i eth0 -j ACCEPT
I could change ACCEPT to DROP I suppose, but another way would be to send this request of to the wild blue yonder (and upset the server in question) by forwarding the request to another non-existant IP address.
What I need to know is how to do the script - any offers?
TIA
cheers...pix