Originally posted by SimpleFriend
Can you try to clarify two questions for me:
Sorry for my ignorance, but what are IPTables and exploits??
As for IPTables, repeat after me:
"I must resist the temptation to ask first and search afterwards".
First link on alltheweb when you search for IPTables:
What is it?
Iptables is the replacement for the userspace tool ipchains in the Linux 2.4 kernel and beyond. It is part of the kernelspace netfilter project. Iptables has many more features than ipchains and is also structured more sensibly. The main points of note are as follows:
* Connection tracking capability, i.e. the ability to do stateful packet inspection. This works for icmp and udp as well as tcp connections. For instance, stateful icmp filtering allows you to only allow an icmp echo-reply in if an echo-request went out. This is something you couldn't do with ipchains ....... most people would block echo-requests but blindly accept echo-replies with the assumption that they would always be in response to their own pings. Not true. Unsolicited echo-replies can be a sign of a Smurf amplification attack, a Tribe Flood Network communication between master and daemon, or a Loki 2 back-door.
* Simplified behaviour of packets negotiating the built-in chains (INPUT, OUTPUT and FORWARD). On multi-homed hosts, packets travelling between interfaces negotiate only the FORWARD chain rather than all three built-in chains as they did before (providing packet forwarding is enabled of course).
* A clean separation of packet filtering and network address translation (NAT). This is very nice; in ipchains masquerading was done as part of the packet-filtering, but in iptables masquerading is treated as a particular type of source NAT (SNAT) as it should be. Redirection, in turn, is treated as a particular type of destination NAT (DNAT). SNAT is done after routing and DNAT is done before routing, which makes it easy to define your rulebase and add NAT as an afterthought.
* Rate-limited connection and logging capability. Now you can limit both connection attempts, as in SYN-flooding Denial of Service (DOS) attacks, and also prevent your logs being flooded, as happened in the Jolt2 fragment-driven DOS attack against Checkpoint's Firewall-1. Another very nice feature.
* The ability to filter on tcp flags and tcp options, and also MAC addresses.
Originally posted by SimpleFriend
And how can someone get into a PC?? For example, as happened to nothing and kanguru
In those 2 specific cases...? Simple, they had the printing and file sharing services available to the whole world. They didn't even bother to close the Guest account.
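
The features listed in the quoted iptables overview (stateful ICMP filtering, TCP flag matching, rate-limited connections and logging) and the file-sharing exposure described in the last reply, put together as an added example that is not part of the original thread. It assumes a single Linux host offering one TCP service; the function name `build_ruleset`, the default port 22 and the log prefixes are hypothetical choices made for this illustration.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for one Linux host.
# build_ruleset, the default port and the log prefixes are assumptions.
build_ruleset() {
    svc_port="${1:-22}"   # assumed: the only TCP service offered to outsiders
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Stateful inspection: accept replies to traffic this host started (tcp, udp, icmp).
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# An echo-reply that reaches this point answers no echo-request we sent.
-A INPUT -p icmp --icmp-type echo-reply -m limit --limit 6/min --limit-burst 5 -j LOG --log-prefix "unsolicited-echo-reply: "
-A INPUT -p icmp --icmp-type echo-reply -j DROP
# TCP flag match: a new connection has to start with a SYN.
-A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
# Rate-limit new connections to the offered service (SYN-flood damping).
-A INPUT -p tcp --syn --dport ${svc_port} -m limit --limit 10/s --limit-burst 20 -j ACCEPT
# File and print sharing (NetBIOS/SMB) is never offered to outside hosts.
-A INPUT -p tcp -m multiport --dports 139,445 -j DROP
-A INPUT -p udp -m multiport --dports 137,138 -j DROP
# Everything else hits the DROP policy; log a sample without flooding the log.
-A INPUT -m limit --limit 3/min --limit-burst 3 -j LOG --log-prefix "input-drop: "
COMMIT
EOF
}

# Print the ruleset when called as: sh ruleset.sh print [port]
# To syntax-check it as root: sh ruleset.sh print | iptables-restore --test
if [ "${1:-}" = "print" ]; then
    build_ruleset "${2:-22}"
fi
```

The explicit NetBIOS/SMB drops are redundant with the DROP policy; they are there so the intent survives if someone later loosens the policy.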