Use IPTables to block access to internal network resources #194

Currently, a malicious user can access things in the internal network of @a.
Using a rule like this could prevent this.
iptables -A OUTPUT -d 192.168.1.0/24 -j REJECT --reject-with icmp-net-unreachable
With the limited testing i did, going to dsldevice.attlocal.net gave me the MAC address of the devices connected too..
I am not sure if this would mess with port forwarding tho..

Currently, a malicious user can access things in the internal network of @a. Using a rule like this could prevent this. `iptables -A OUTPUT -d 192.168.1.0/24 -j REJECT --reject-with icmp-net-unreachable` With the limited testing i did, going to dsldevice.attlocal.net gave me the MAC address of the devices connected too.. I am not sure if this would mess with port forwarding tho..

I added the ufw rule ufw deny out to 192.168.1.254 port 80. I think this should be enough to prevent exposure of the MAC addresses, but let me know if more needs to be done.

I added the `ufw` rule `ufw deny out to 192.168.1.254 port 80`. I think this should be enough to prevent exposure of the MAC addresses, but let me know if more needs to be done.

https is still open @a

https is still open @a

Fixed, thanks!

> https is still open @a Fixed, thanks!

Labels Milestones

Use IPTables to block access to internal network resources #194