Network config control by cron
Stuart Sears
stuart at sjsears.com
Fri Jul 2 17:43:14 UTC 2004
Steve Larsen wrote:
> At 09:35 AM 7/2/2004 -0700, Rick Stevens wrote:
>
>> Bob McClure Jr wrote:
>>
>>> On Fri, Jul 02, 2004 at 06:52:48AM -0700, Al Gelders wrote:
>>>
>>>> Where do I look to find out how to activate and deactivate my ppp
>>>> network interface using cron? These days auto disconnect doesn't work
>>>> because my system is getting pinged every few seconds by hackers (I
>>>> presume).
>>>> -- al gelders
>>>> agelders at lightspeed.net
>>>
>>>
>>> How about blocking pings with your firewall?
>>
>>
>> That's one option. To shut it down via cron, add this to root's
>> crontab:
>>
>> m h * * * /sbin/ifdown ppp0
>>
>> where "m" = the minute you want it shut down and "h" = the hour you
>> want it down. E.g. to shut it down at 2:30 p.m.
>>
>> 30 14 * * * /sbin/ifdown ppp0
>> ----------------------------------------------------------------------
>> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
>> - VitalStream, Inc. http://www.vitalstream.com -
>> - -
>> - grep me no patterns and I'll tell you no lines -
>> ----------------------------------------------------------------------
>
>
>
> Hi Rick,
>
> I have a similar question, couldn't he just disable a portion of icmp?
> And if so .. how does that work .. disabling say just ping but leaving
> rlogin or rcp functional? Maybe I'm not asking this correctly, he could
> just comment out those ports and restart his network services, but is
> there a way to just chop out ping or rcp .. etc. ?
this would probably do that:
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
which will drop incoming icmp-echo-requests (pings)
HTH
Stuart
More information about the Redhat-install-list
mailing list