How to DROP (!) some kind of traffic?

Hi forum!

You helped me with my problems in the past, so I hope you can help me with this too :smiling_face:

I operate Linux Mint 22

Please help me to stop my laptop from responding to:

  • ALL incoming traffic (especially pings)
  • Block port 80

I need the first rule because I regularly use a corporate network and some “genius” ping-floods my devices as a “prank”. I need the second rule because I want to mitigate SSL strip attacks (if the rule can be harmful, please let me know).

Summary for those who don’t want to read:
How to DROP (not reject!) ALL incoming traffic (especially pings) and block port 80 (make http websites unavailable)?

sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT # Keep replies to your own outgoing connections; must come before the DROP rules
sudo iptables -A INPUT -i wlan0 -j DROP # Replace wlan0 with your actual network interface
sudo iptables -A INPUT -i eth0 -j DROP # Replace eth0 with your actual network interface
sudo iptables -A INPUT -i <interface> -j DROP # Add rule for any additional interface to block all connections from them

sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP # Blocking pings. Use this if DROP ALL INPUT breaks something

sudo iptables -A OUTPUT -p tcp --dport 80 -j DROP # OUTPUT chain: HTTP requests to websites leave the laptop, they do not arrive on INPUT

To make the rules permanent:
sudo apt install iptables-persistent
sudo netfilter-persistent save
sudo systemctl enable netfilter-persistent.service

1 Like
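A default-deny version of the ruleset this thread asks for, written as an added example that is not part of any post. It assumes IPv4 and uses the chain policy instead of per-interface rules; the function name `build_ruleset` is hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): emit an IPv4 ruleset in iptables-restore
# format. Nothing here changes the firewall until the output is piped into
# iptables-restore, which replaces the current filter table in one step.

build_ruleset() {
    cat <<'EOF'
*filter
# Default-deny inbound on every interface, so no per-interface rules are needed.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback: local services talk to each other over lo.
-A INPUT -i lo -j ACCEPT
# Replies to connections the laptop itself opened. Without this rule a
# default-deny INPUT chain also drops every web page and DNS answer.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Pings: already covered by the DROP policy (silent, no ICMP error sent back);
# kept as an explicit rule so its packet counter shows flood volume.
-A INPUT -p icmp --icmp-type echo-request -j DROP
# Plain HTTP from the browser is outbound traffic, so it is matched in OUTPUT.
-A OUTPUT -p tcp --dport 80 -j DROP
COMMIT
EOF
}
```

After sourcing the file, load it with `build_ruleset | sudo iptables-restore`, then persist it with `sudo netfilter-persistent save` as in the answer above. These rules cover IPv4 only, and the OUTPUT rule also stops anything else that still uses `http://` URLs, such as apt mirrors configured that way or captive-portal login pages.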

:+1:
As for sites:
Browsers like Firefox and Brave (etc.) include an option to force HTTPS and warn if you’re connecting to HTTP, so no need to block.
Generally, as long as a site is old or doesn’t need anything sensitive, it’s actually fine for HTTP, but for security reasons it’s best to avoid it, especially if it doesn’t meet those criteria, but yeah.

Brave example:


Firefox [Mobile] Example:

I’m curious about something I witness often with strict HTTPS enabled. Several times a day I’ll receive a message that a site which is actually an HTTPS site (commonly used, legitimate sites) is actually HTTP. I’ll sometimes have to refresh the page several times before the browser recognizes that it is HTTPS and will load it. This has happened when using Firefox, Brave, as well as other browsers that have strict HTTPS mode. Does this indicate that an attacker is trying to serve me a malicious decoy website? Or is it just a glitch that happens sometimes?