iptables is present by default on all modern Linux distributions. It's easy to configure for common scenarios:
- If you don't want to contact a given site (for example, a known malware site), you can block traffic to that IP address:
#iptables -A OUTPUT -d 8.8.8.8 -j DROP
If you run ping 8.8.8.8 in another terminal and then apply the iptables command, you will see this:
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=56 time=221 ms
64 bytes from 8.8.8.8: icmp_req=2 ttl=56 time=221 ms
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
Here, the ping fails the third time because we used the iptables command to drop all traffic to 8.8.8.8.
- You can also block traffic to a specific port:
#iptables -A OUTPUT -p tcp --dport 21 -j DROP
$ ftp ftp.kde.org
ftp: connect: Connection timed out
If you find messages like this in your /var/log/secure or /var/log/messages file, you have a small problem:
Failed password for abel from 1.2.3.4 port 12345 ssh2
Failed password for baker from 1.2.3.4 port 12345 ssh2
These messages mean a bot is probing your system for weak passwords. You can prevent it from reaching your host with an INPUT rule that drops all traffic from that address:
#iptables -I INPUT -s 1.2.3.4 -j DROP
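As an added example (not from the original text), a small POSIX shell script that counts the "Failed password" lines per source address and prints the matching INPUT rule for every address over a threshold. The sample log lines, the threshold, and the function names are constructed for illustration; the script only prints rules, it does not apply them.

```shell
#!/bin/sh
# Added example: find brute-force sources in sshd log lines and emit the
# iptables INPUT DROP rule used above for each one. Runs offline on the
# constructed sample below; review the output before applying it as root.

# Constructed sample log lines in the same format as the messages above.
SAMPLE_LOG='Failed password for abel from 1.2.3.4 port 12345 ssh2
Failed password for baker from 1.2.3.4 port 12346 ssh2
Failed password for invalid user admin from 1.2.3.4 port 12347 ssh2
Failed password for charlie from 10.0.0.7 port 40001 ssh2
Accepted publickey for alice from 10.0.0.9 port 50022 ssh2'

# brute_force_sources THRESHOLD < log
# Prints "count ip" for each source with at least THRESHOLD failed logins,
# highest count first. Accepted logins are ignored.
brute_force_sources() {
    awk -v min="$1" '
        /Failed password for/ {
            # the source address is the field right after "from"
            for (i = 1; i < NF; i++) if ($i == "from") n[$(i + 1)]++
        }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }
    ' | sort -rn
}

# drop_rules THRESHOLD < log
# Turns the counts into one INPUT rule per offending source (printed only).
drop_rules() {
    brute_force_sources "$1" | while read -r count ip; do
        printf 'iptables -I INPUT -s %s -j DROP   # %s failed logins\n' "$ip" "$count"
    done
}

# Three failures come from 1.2.3.4 and one from 10.0.0.7, so with a
# threshold of 3 only the first address gets a rule.
printf '%s\n' "$SAMPLE_LOG" | drop_rules 3
```

Pipe the output into `sh` as root only after checking that none of the listed addresses is one you need to keep.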