
KALI – How to configure IPTABLES to block Telnet and FTP – The Visual Guide

16/08/2013

iptables is a user-space utility that configures the Linux kernel's netfilter packet filter. Rules match traffic on protocol, port, address or interface and decide what happens to each packet. At the end you will use Zenmap (the Nmap GUI) to test that the rules actually take effect.

Step 1 – Root Terminal – To reject Telnet incoming connections

iptables -A INPUT -p tcp --dport 23 -j REJECT

iptables -L -n -v

Your rules will be displayed. Note that -A appends to the end of the chain: if an earlier rule already accepts the traffic (a blanket ACCEPT for port 23, or for the whole interface), the new rule is never reached, and you should insert it at the top of the chain with -I instead.

(Screenshot: INPUT chain listing showing the Telnet REJECT rule)

******

How to DROP Telnet instead of REJECT

iptables -A INPUT -p tcp --dport 23 -j DROP

If the REJECT rule from Step 1 is still in the chain, delete it first (see Step 4): rules are evaluated top to bottom, so the earlier REJECT rule keeps matching and an appended DROP rule is never reached.

*****

iptables -L -n -v

iptables -v -L INPUT

(Screenshot: INPUT chain listing showing the Telnet DROP rule)

********

Step 2 – To stop TELNET outbound connections

iptables -A OUTPUT -p tcp --dport 23 -j DROP

Note the port match: a Telnet session that this machine opens to another host has destination port 23, so the OUTPUT rule uses --dport 23. A rule matching --sport 23 in OUTPUT would only drop the replies of a Telnet server running on this machine, not sessions started from it.

iptables -L -n -v

iptables -v -L OUTPUT

(Screenshot: OUTPUT chain listing showing the Telnet DROP rule)

DROP vs REJECT

The REJECT target sends an error packet back to the source system telling it the packet was refused. By default this is an ICMP "port unreachable" message; for TCP, --reject-with tcp-reset sends a TCP RST instead, which is what a genuinely closed port would answer with.

The DROP target simply discards the packet without sending any reply.

Because REJECT generates a reply for every packet it refuses, a flood of packets at a rejected port costs the host CPU and outbound bandwidth, which is why REJECT is considered more exposed to denial-of-service than DROP; DROP costs nothing extra. The trade-off is that a legitimate client hitting a REJECT rule fails immediately, while against DROP it waits for its own connection timeout.


Step 3 – Want to see line numbers on the rules?

iptables -L -v -n --line-numbers

(Screenshot: rule listing with line numbers)

Step 4 – Made a mistake and need to delete a rule?

List the rules with line numbers, then delete the rule by its line number:

iptables -D INPUT 2

-D = Delete

INPUT rule 2

(Screenshot: INPUT chain listing after the rule was deleted)

The rules live only in kernel memory, so after a reboot they are cleared. To keep them, save the ruleset with iptables-save and load it at boot with iptables-restore; on Kali and Debian the iptables-persistent package does this from /etc/iptables/rules.v4.

******
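Steps 1 to 4 and the DROP vs REJECT note, as one script. This is an added example, not code from the original post: it blocks inbound Telnet and FTP control (port 21), stops this host opening Telnet sessions, shows how to change a rule's target without leaving the old rule in front of it, and saves the result. It assumes a root shell with iptables installed, and that the iptables-persistent package reads /etc/iptables/rules.v4; without arguments it only prints the commands it would run.

```shell
#!/bin/sh
# Added example, not code from the original post: the Step 1 to Step 4
# procedure as one idempotent script. Assumes root and iptables; the dry-run
# mode (the default) prints commands instead of changing the ruleset.

IPT="${IPT:-iptables}"   # command used for every rule operation

# Dry-run stand-in for iptables: pretends no rule exists yet (-C reports
# "absent") and prints any other command instead of running it.
dry_run_ipt() {
    if [ "$1" = "-C" ]; then return 1; fi
    echo "iptables $*"
}

# Append a rule to a chain only if an identical rule is not already present,
# so running the script twice does not duplicate rules (-C checks, -A appends).
ensure_rule() {
    chain=$1; shift
    if ! "$IPT" -C "$chain" "$@" 2>/dev/null; then
        "$IPT" -A "$chain" "$@"
    fi
}

# Replace the target of a port rule, e.g. REJECT -> DROP. Appending a DROP
# rule after an existing REJECT rule changes nothing: rules are evaluated top
# to bottom and the REJECT rule still matches first, so the old rule is
# deleted before the new one is added.
swap_target() {
    chain=$1; port=$2; old=$3; new=$4
    if "$IPT" -C "$chain" -p tcp --dport "$port" -j "$old" 2>/dev/null; then
        "$IPT" -D "$chain" -p tcp --dport "$port" -j "$old"
    fi
    ensure_rule "$chain" -p tcp --dport "$port" -j "$new"
}

block_legacy_services() {
    # Inbound: Telnet and FTP control connections to this host are dropped.
    ensure_rule INPUT -p tcp --dport 23 -j DROP
    ensure_rule INPUT -p tcp --dport 21 -j DROP
    # Outbound: a Telnet session opened from this host has destination port 23,
    # so the OUTPUT rule matches --dport, not --sport (which would only catch
    # replies from a local Telnet server).
    ensure_rule OUTPUT -p tcp --dport 23 -j DROP
}

show_rules() {
    "$IPT" -L -n -v --line-numbers
}

# Rules live only in kernel memory; save them so a reboot does not clear them.
# Assumption: the iptables-persistent package, which loads this file at boot.
persist_rules() {
    iptables-save > /etc/iptables/rules.v4
}

# "apply" (as root) changes the live ruleset; anything else is a dry run.
main() {
    case "${1:-dry-run}" in
        apply) block_legacy_services; show_rules; persist_rules ;;
        *)     IPT=dry_run_ipt; block_legacy_services ;;
    esac
}
main "$@"
```

Run it once with no arguments to see the three iptables commands it would issue, then as root with `apply`. To convert the Step 1 REJECT rule into a DROP rule the way the post describes, call `swap_target INPUT 23 REJECT DROP` after sourcing the script.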

Step 5 – Test the rules with ZENMAP

Applications > Kali > Vulnerability > Misc Scanners > Zenmap

Type the IP address of your machine into Target > Scan. Scanning your own address exercises the INPUT chain over the loopback interface; scanning from a second machine on the LAN is the more realistic test.

*******

The iptables rules blocking Telnet gave these results when tested:

(Screenshot: Zenmap result showing port 23 reported as filtered with the REJECT rule in place)

When both FTP (port 21, blocked with the same form of rule) and Telnet are blocked, the Zenmap results were:

(Screenshot: Zenmap result with Telnet and FTP both blocked)

That’s it. You’ve blocked Telnet incoming and outgoing, and double-checked your work using Zenmap. Easy, right?
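The same check from the scanner's side, without clicking through Zenmap. This is an added example, not code from the original post: it reads nmap's grepable output (-oG, the format Zenmap drives nmap with underneath) and decides whether the Telnet and FTP ports are really unreachable, treating both "filtered" (DROP, or REJECT with the default ICMP reply) and "closed" (REJECT with tcp-reset) as blocked. It assumes nmap is installed for a live scan; the two sample result lines at the bottom are constructed, not captured.

```shell
#!/bin/sh
# Added example, not code from the original post: verify the rules from the
# scan result, using nmap grepable output. Assumes nmap for the live scan;
# the sample lines below are constructed, not real captures.

# Scan the two legacy ports on a host. -Pn skips host discovery (a host that
# drops pings would otherwise be reported as down); SYN scans need root.
scan_legacy_ports() {
    nmap -Pn -p 21,23 -oG - "$1"
}

# Print the state nmap reported for a TCP port ("open", "closed", "filtered",
# ...) from grepable output, or "absent" if the port is not in the results.
# -oG lines are tab-separated fields; the "Ports:" field holds comma-separated
# entries of the form port/state/protocol/owner/service/rpc/version.
port_state() {
    printf '%s\n' "$1" | awk -v port="$2" '
        {
            n = split($0, fields, "\t")
            for (i = 1; i <= n; i++) {
                if (fields[i] !~ /^Ports: /) continue
                sub(/^Ports: /, "", fields[i])
                m = split(fields[i], entries, ", ")
                for (j = 1; j <= m; j++) {
                    split(entries[j], f, "/")
                    if (f[1] == port && f[3] == "tcp") { print f[2]; found = 1 }
                }
            }
        }
        END { if (!found) print "absent" }'
}

# Succeed only if every given port is unreachable from the scanner: "filtered"
# (DROP, or REJECT with the default ICMP port-unreachable reply) or "closed"
# (REJECT --reject-with tcp-reset). "open" or "absent" means the rule is not
# doing its job.
ports_blocked() {
    scan=$1; shift
    for p in "$@"; do
        case "$(port_state "$scan" "$p")" in
            filtered|closed) ;;
            *) return 1 ;;
        esac
    done
    return 0
}

# Constructed sample output (not a real capture): SSH reachable, 21 and 23 filtered.
SAMPLE_BLOCKED=$(printf 'Host: 192.168.56.101 ()\tPorts: 21/filtered/tcp//ftp///, 22/open/tcp//ssh///, 23/filtered/tcp//telnet///')
# The same host before the rules were added: Telnet still answers.
SAMPLE_OPEN=$(printf 'Host: 192.168.56.101 ()\tPorts: 21/filtered/tcp//ftp///, 22/open/tcp//ssh///, 23/open/tcp//telnet///')

if ports_blocked "$SAMPLE_BLOCKED" 21 23; then
    echo "sample 1: Telnet and FTP unreachable"
fi
if ! ports_blocked "$SAMPLE_OPEN" 21 23; then
    echo "sample 2: Telnet still reachable (state: $(port_state "$SAMPLE_OPEN" 23))"
fi
```

For a live check, feed the scan into the same function: `ports_blocked "$(scan_legacy_ports 192.168.56.101)" 21 23 && echo blocked` (the address is a placeholder). Run it before and after adding the rules so you can see the state change from "open" to "filtered".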

********

So what is iptables?

iptables is a user-space utility that configures the packet filter (netfilter) inside the kernel.

Its default filter table has three built-in chains:

INPUT (packets addressed to this host), OUTPUT (packets generated by this host), FORWARD (packets routed through this host)

-i = incoming interface (valid in the INPUT and FORWARD chains)

-o = outgoing interface (valid in the OUTPUT and FORWARD chains)

-A = append a rule to the end of a chain

-P = set a chain's default policy, ACCEPT or DROP, which applies when no rule matches

********

2 Comments
  1. Null

    Perhaps you should explain how most distros like Ubuntu, Debian, Fedora, etc. use iptables as a customised firewall, in which some other GUI software such as NuFW, etc. may be incorporated with it. At the same time you should also explain how you can see an open port by using the command

    netstat -tulnp

    Or simply disable the service.


  2. wasitaratisaw

    Ubuntu is exactly the same in my opinion... same iptables rules, same syntax, blah blah

