Use IPTables to block access to internal network resources #194
Currently, a malicious user can access things in the internal network of @a.
Using a rule like this could prevent this.
iptables -A OUTPUT -d 192.168.1.0/24 -j REJECT --reject-with icmp-net-unreachable
With the limited testing I did, going to dsldevice.attlocal.net gave me the MAC address of the devices connected too.
I am not sure if this would mess with port forwarding though.
I added the ufw rule
ufw deny out to 192.168.1.254 port 80
I think this should be enough to prevent exposure of the MAC addresses, but let me know if more needs to be done.
https is still open @a
Fixed, thanks!
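
The coverage gap between the two rules in this thread (one host on port 80 versus the whole /24 on every port), as an added example that is not part of the original thread or the project's code: a first-match evaluator in shell that checks which destinations each rule blocks. The rule format, function names and probe destinations are constructed for illustration, and both REJECT and deny are reduced to a single BLOCK verdict.

```shell
#!/bin/sh
# Added example. Rule format (constructed here): "<dest CIDR> <port|any>", one per line.
# Functions use ( ) bodies so their variables stay local in plain POSIX sh.

ip_to_int() (            # dotted quad -> 32-bit integer
  IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

in_cidr() (              # in_cidr IP CIDR -> exit 0 if IP is inside CIDR
  ip=$(ip_to_int "$1"); net=$(ip_to_int "${2%/*}"); bits=${2#*/}
  mask=$(( bits == 0 ? 0 : (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
  [ $(( ip & mask )) -eq $(( net & mask )) ]
)

verdict() (              # verdict RULES DST PORT -> prints BLOCK or ALLOW
  while read -r cidr rport; do
    [ -n "$cidr" ] || continue
    if in_cidr "$2" "$cidr" && { [ "$rport" = any ] || [ "$rport" = "$3" ]; }; then
      echo BLOCK; exit 0
    fi
  done <<EOF
$1
EOF
  echo ALLOW             # no rule matched: default policy is assumed to be ACCEPT
)

# The two rules from the thread, rewritten in the format above.
UFW_RULE="192.168.1.254/32 80"   # ufw deny out to 192.168.1.254 port 80
IPT_RULE="192.168.1.0/24 any"    # iptables -A OUTPUT -d 192.168.1.0/24 -j REJECT ...

report() (               # constructed probes: gateway HTTP/HTTPS, a LAN host, a public host
  for probe in "192.168.1.254 80" "192.168.1.254 443" "192.168.1.10 22" "203.0.113.10 443"; do
    set -- $probe
    printf '%-15s port %-4s ufw=%-5s iptables=%s\n' "$1" "$2" \
      "$(verdict "$UFW_RULE" "$1" "$2")" "$(verdict "$IPT_RULE" "$1" "$2")"
  done
)
report
```

The second and third probes are the ones that differ between the two rules: the gateway on port 443 and any other host on the LAN are only covered by the /24 rule.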