[Image: Notification of an attempted connection.]
That is okay by me though. I use Ubuntu, meaning I don't get viruses, and the only port I have remotely open is for the IPP because the network is Windows. Recently I have wanted to see all of the garbage that is coming in. I originally hacked something up in nc, but decided that wasn't good enough. Here is my solution, which includes notifying you when someone attempts to connect to your port (this is a feature missing in all of the Linux firewalls I have found and seems to be a common complaint). The finished product will look something like the photo above.
- Ubuntu / Distro of your choice.
- iptables (installed by default in Ubuntu 10.10)
- gufw (sudo apt-get install gufw)
- notify-send / espeak / xmessage / zenity / other communication interface
- Install all of the above.
- Under System > Administration > Firewall Configuration, set Incoming to Reject and turn on the firewall.
- Copy the shell script below to your machine:
- For this to work, you will need the program notify-send. If it is not installed, you could replace it with espeak (to have your computer announce that you dropped a connection), xmessage, or zenity.
- Watch how many times you are attacked. (You might want to consider posting your findings to, or looking them up on, DShield.)
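
One way to implement the notifier described in the steps above, as an added example that is not the author's script. It assumes ufw logging is enabled, that rejected packets are logged with the `[UFW BLOCK]` prefix, and that the log is at `/var/log/ufw.log`; the function names and the sample log line are made up for this example.

```shell
#!/bin/sh
# Added example (not the author's script): pop up a desktop notification
# for each inbound packet that ufw logs as blocked.
# Assumptions: ufw logging is enabled, blocked packets carry the
# "[UFW BLOCK]" prefix, and the log is /var/log/ufw.log (override: LOG=...).
LOG="${LOG:-/var/log/ufw.log}"

# Constructed sample line (documentation addresses), used by "demo".
SAMPLE='Jan  1 12:00:00 host kernel: [ 100.000000] [UFW BLOCK] IN=eth0 OUT= MAC=00:00 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=54321 DPT=631 SYN URGP=0'

# field KEY LINE: print the value of the first KEY=value token in LINE.
field() {
    printf '%s\n' "$2" | tr ' ' '\n' | sed -n "s/^$1=//p" | head -n 1
}

# summarize LINE: print "SRC -> PROTO/DPT"; fail if LINE is not a block entry.
summarize() {
    case "$1" in
        *"[UFW BLOCK]"*) ;;
        *) return 1 ;;
    esac
    src=$(field SRC "$1"); proto=$(field PROTO "$1"); dpt=$(field DPT "$1")
    [ -n "$src" ] || return 1
    # ICMP entries have no DPT, so show "-" in its place.
    printf '%s -> %s/%s\n' "$src" "${proto:-?}" "${dpt:--}"
}

# watch_log: follow the log and notify once per distinct consecutive event,
# so a client retrying the same port does not flood the desktop.
watch_log() {
    last=""
    tail -n 0 -F "$LOG" | while IFS= read -r line; do
        msg=$(summarize "$line") || continue
        [ "$msg" = "$last" ] && continue
        last=$msg
        notify-send "Blocked connection attempt" "$msg"
    done
}

case "${1:-}" in
    watch) watch_log ;;
    demo)  summarize "$SAMPLE" ;;
esac
```

Run it with the `watch` argument as a user who can read the log file; `demo` prints the summary for the constructed sample line without touching the log.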