11 years ago · 64f586e96f
--- a/beaglebone.txt
+++ b/beaglebone.txt
 
															 TCP_PORTS="1,7,9,11,15,79,109,110,111,119,138,139,512,513,514,515,540,635,1080,1524,2000,2001,4000,4001,5742,6000,6001,6667,12345,12346,20034,27665,30303,32771,32772,32773,32774,31337,40421,40425,49724,54320"
														
 
															 UDP_PORTS="1,7,9,66,67,68,69,111,137,138,161,162,474,513,517,518,635,640,641,666,700,2049,31335,27444,34555,32770,32771,32772,32773,32774,31337,54321"
														
 
															-ADVANCED_EXCLUDE_TCP="113,139,70,80,443,143,6670,993,5060,5061,25,465,22,5222,5223,5269,5280,5281,8432,8433,8444"
														
 
															+ADVANCED_EXCLUDE_TCP="113,139,70,80,443,587,143,6670,993,5060,5061,25,465,22,5222,5223,5269,5280,5281,8432,8433,8444"
														
 
															 ADVANCED_EXCLUDE_UDP="520,138,137,67,70,80,443,143,6670,993, 5060,5061,25,465,22,5222,5223,5269,5280,5281,8444"
														
 
															 SCAN_TRIGGER="2"
														
 
															 # Drop UDP to used ports
														
 
															 iptables -A INPUT -p udp --match multiport --dports 70,80,443,143,6670,993,5060,5061,25 -j DROP
														
 
															-iptables -A INPUT -p udp --match multiport --dports 465,22,5222,5223,5269,5280,5281,8444 -j DROP
														
 
															+iptables -A INPUT -p udp --match multiport --dports 465,587,22,5222,5223,5269,5280,5281,8444 -j DROP
														
 
															 # Limit ssh logins
														
 
															 iptables -A INPUT -p tcp --dport 22 -m limit --limit 3/minute --limit-burst 1 -j ACCEPT
														
 
															 # Limit SMTP/SMTPS connections
														
 
															 iptables -A INPUT -p tcp --dport 25 -m limit --limit 3/minute --limit-burst 1 -j ACCEPT
														
 
															 iptables -A INPUT -p tcp --dport 465 -m limit --limit 3/minute --limit-burst 1 -j ACCEPT
														
 
															+iptables -A INPUT -p tcp --dport 587 -m limit --limit 3/minute --limit-burst 1 -j ACCEPT
														
 
															 # Limit Bitmessage connections
														
 
															 iptables -A INPUT -p tcp --dport 8444 -m limit --limit 3/minute --limit-burst 1 -j ACCEPT
														
 
															 #+BEGIN_SRC: bash
														
 
															 editor /etc/default/exim4
														
 
															 change SMTPLISTENEROPTIONS to:
														
 
															-SMTPLISTENEROPTIONS='-oX 465:25 -oP /var/run/exim4/exim.pid'
														
 
															+SMTPLISTENEROPTIONS='-oX 465:25:587 -oP /var/run/exim4/exim.pid'
														
 
															 #+END_SRC
														
 
															 save and exit
														
 
															 | IMAP          |        143 |
														
 
															 | IRC SSL       |       6670 |
														
 
															 | SIP           | 5060..5061 |
														
 
															-| SMTP          |         25 |
														
 
															+| SMTP          |     25,587 |
														
 
															 | SMTPS         |        465 |
														
 
															 | SSH           |         22 |
														
 
															 | XMPP          | 5222..5223 |