So a while back there were lots of attempted accesses to my server, so I got a little paranoid and locked everything down 100%. I turned off all router remote operation, installed fail2ban, set up iptables, a separate blocklist script and SSH private-key logins, turned off admin/root logins, removed sudo/admin privileges from my own user account, and closed all router port forwarding. Now I'm trying to loosen the laces a bit and allow just a couple of externally open ports, but I still can't seem to access them. Was wondering if someone would be kind enough to point out the mistake :(. Thank you
iptables rules >>
# Generated by iptables-save v1.4.14 on Mon Jun 1 23:18:04 2015
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 192.168.1.0/24 -p tcp -j ACCEPT
-A INPUT -s 192.168.1.0/24 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9091 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8081 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32400 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5050 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 43.229.52.147/32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 43.229.52.147/32 -j DROP
-A INPUT -s 43.229.52.187/32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 43.229.52.187/32 -j DROP
-A INPUT -s 195.244.40.183/32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 195.244.40.183/32 -j DROP
-A INPUT -p tcp -j DROP
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -j ACCEPT
COMMIT
# Completed on Mon Jun 1 23:18:04 2015
P.S. I was told on IRC that I should just get rid of iptables altogether; they said I had already done everything and iptables are overkill and not needed. True?
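Added here as an illustration, not part of the post: a small Python walker over a constructed copy of the INPUT chain above that evaluates rules in order the way netfilter does (first terminating match wins, LOG falls through), so you can see which rule decides a given packet and which rules are dead because an earlier catch-all already terminated the walk. The packet values (eth0, 203.0.113.5, 192.168.1.10) are constructed, and a few duplicate port and blocklist rules were left out of the copy.

```python
import ipaddress
import re
# Constructed copy of the post's INPUT chain, same order, duplicate rules left out.
CHAIN = """
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 192.168.1.0/24 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32400 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 43.229.52.147/32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -j DROP
"""
TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # LOG only logs; the walk continues after it
OPTS = {"-i": "iface", "-s": "src", "-d": "dst", "-p": "proto",
        "--dport": "dport", "--state": "state", "--icmp-type": "icmp_type"}

def parse(line):
    rule = {"target": None, "match": {}}  # match: {(field, negated): value}
    for neg, opt, val in re.findall(r'(!?)\s*(-[-\w]+)\s+("[^"]*"|\S+)', line):
        if opt == "-j":
            rule["target"] = val
        elif opt in OPTS:  # -m, --limit, --log-*, --reject-with add no match
            rule["match"][(OPTS[opt], neg == "!")] = val
    return rule
RULES = [parse(l) for l in CHAIN.strip().splitlines()]

def field_hit(field, val, pkt):
    if field in ("src", "dst"):
        return ipaddress.ip_address(pkt[field]) in ipaddress.ip_network(val)
    if field == "state":
        return pkt["state"] in val.split(",")
    return str(pkt.get(field)) == val  # iface, proto, dport, icmp_type

def matches(rule, pkt):
    return all(field_hit(f, v, pkt) != neg for (f, neg), v in rule["match"].items())

def decide(pkt, policy="DROP"):
    for n, rule in enumerate(RULES, 1):  # first terminating match wins
        if rule["target"] in TERMINAL and matches(rule, pkt):
            return n, rule["target"]
    return None, policy  # nothing terminated: the chain policy applies

def unreachable():
    """1-based numbers of rules fully shadowed by an earlier terminating rule."""
    return [i + 1 for i, r in enumerate(RULES) if any(e["target"] in TERMINAL and all(
        r["match"].get(k) == v for k, v in e["match"].items()) for e in RULES[:i])]
```

On this chain an outside TCP packet to 32400 is accepted at rule 5, before the catch-all REJECT, so a timeout from the internet points at the router forwarding rather than at iptables; everything after that REJECT (blocklist entries and the final tcp DROP) is never reached, and the blocklist sits after the port ACCEPTs in any case.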