Maybe you are in charge of a whole datacenter or just managing your home multimedia server; in both cases (and hopefully you are working with Linux :P) port security is recommended.
In my experience, as soon as you plug a new server (one without any configuration) into the "cloud", you immediately see many unexpected connections aimed at well-known ports like 23 (telnet) or 22 (ssh), so you have to consider enabling firewall rules with iptables.
One tool I used to use for easy management of iptables is APF (Advanced Policy Firewall), and here I am going to show you how to install it in a few steps. This time I am using an Ubuntu 14.04 server.
With a sudo user:
root@ngnix1:/home/wmunguiam# apt-get install apf-firewall
Se instalarán los siguientes paquetes NUEVOS:
apf-firewall iproute
¿Desea continuar? [S/n] S
Configurando iproute (1:3.12.0-2ubuntu1) ...
Configurando apf-firewall (9.7+rev1-3) ...
 * apf-firewall disabled, please adjust the configuration to your needs
 * and then set RUN to 'yes' in /etc/default/apf-firewall to enable it.
Processing triggers for ureadahead (0.100.0-16) ...
root@ngnix1:/home/wmunguiam#

Of course, as recommended, we have to adjust the configuration to fit our needs. As we want to allow only HTTP and SSH, we will edit the configuration.
Before that, APF is still disabled, and we can review the status of the iptables rules (all three chains have policy ACCEPT and no rules, so everything is allowed):

root@ngnix1:/home/wmunguiam# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

So we edit the configuration file:

vim /etc/apf-firewall/conf.apf

Changes made:
DEVEL_MODE="0"
IG_TCP_CPORTS="22,80"
Then we edit the flag file that allows the service to start:
vim /etc/default/apf-firewall
Changes:
RUN="yes"
Now we start the APF service:
apf -s
These messages will be shown:

apf(1495): {glob} status log not found, created
apf(1495): {glob} activating firewall
apf(1495): {glob} firewall initalized
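As an added example (not code from the original post or from the APF project), here are the same edits as a small POSIX shell script, with a check that the port list is well formed and still includes SSH before the firewall is started. The function names are my own; the real files are the two named in the post, and the paths are parameters so you can try it on copies first:

```shell
#!/bin/sh
# Added example, not from the original post: script the edits the post makes by
# hand and verify them before "apf -s". Real files: /etc/apf-firewall/conf.apf
# and /etc/default/apf-firewall; paths are parameters so copies can be tried first.

# set_kv FILE KEY VALUE: rewrite KEY="..." in FILE or append it (VALUE has no '|').
set_kv() {
    file=$1 key=$2 value=$3
    if grep -q "^${key}=" "$file"; then
        sed -i "s|^${key}=.*|${key}=\"${value}\"|" "$file"
    else
        printf '%s="%s"\n' "$key" "$value" >> "$file"
    fi
}

# get_kv FILE KEY: print the value of KEY with surrounding quotes stripped.
get_kv() {
    sed -n "s|^$2=\"\{0,1\}\([^\"]*\)\"\{0,1\}.*|\1|p" "$1" | tail -n 1
}

# apf_configure CONF DEFAULT PORTS: the same three changes as in the post.
apf_configure() {
    set_kv "$1" DEVEL_MODE 0          # leave APF's testing mode
    set_kv "$1" IG_TCP_CPORTS "$3"    # inbound TCP ports to allow, e.g. 22,80
    set_kv "$2" RUN yes               # let the init script start APF
}

# apf_verify CONF DEFAULT: succeed only if the edits took and the port list is
# well formed and still contains 22, so a remote admin is not locked out of SSH.
apf_verify() {
    [ "$(get_kv "$1" DEVEL_MODE)" = "0" ] || { echo "DEVEL_MODE is not 0"; return 1; }
    [ "$(get_kv "$2" RUN)" = "yes" ] || { echo "RUN is not yes"; return 1; }
    ports=$(get_kv "$1" IG_TCP_CPORTS)
    # APF takes single ports and LOW_HIGH ranges, comma separated
    echo "$ports" | tr ',' '\n' | grep -qvE '^[0-9]+(_[0-9]+)?$' && { echo "malformed port list: $ports"; return 1; }
    echo "$ports" | tr ',' '\n' | grep -qx 22 || { echo "port 22 missing from IG_TCP_CPORTS"; return 1; }
    return 0
}

# Demo on constructed stand-in files holding the defaults the post starts from.
apf_demo() {
    d=$(mktemp -d)
    printf 'DEVEL_MODE="1"\nIG_TCP_CPORTS="22"\n' > "$d/conf.apf"
    printf 'RUN="no"\n' > "$d/apf-firewall"
    apf_configure "$d/conf.apf" "$d/apf-firewall" "22,80"
    apf_verify "$d/conf.apf" "$d/apf-firewall" && cat "$d/conf.apf" "$d/apf-firewall"
    rm -rf "$d"
}
apf_demo
```

Run `apf_verify` on the real files right before `apf -s`; a failing check is cheaper than an SSH session that never comes back.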
NOTE: APF may fail to start because of a kernel "difference"; I will deal with that case in the next post.