Iptables is an extremely flexible firewall utility built for Linux operating systems. Whether you’re a novice Linux geek or a system administrator, there’s probably some way that iptables can be a great use to you. Read on as we show you how to configure the most versatile Linux firewall.
Full article here:
The Beginner’s Guide to iptables, the Linux Firewall (How-To Geek)
Now that you have set up your personal Asterisk® server, it’s time to secure it. I can’t overstate the importance of this step. Without it, you could be leaving your server’s VoIP and SSH ports open for anyone on the Internet, which is a very bad idea and may cost you a lot of money.
Full article here:
Securing Your Asterisk VoIP Server with IPTables (Lin’s Tech Blog)
The ufw (Uncomplicated Firewall) is an frontend for most widely used iptables firewall and it is well comfortable for host-based firewalls. ufw gives a framework for managing netfilter, as well as provides a command-line interface for controlling the firewall. It provides user friendly and easy to use interface for Linux newbies who are not much familiar with firewall concepts.
While, on the other side same complicated commands helps administrators it set complicated rules using command line interface. The ufw is an upstream for other distributions such as Debian, Ubuntu and Linux Mint.
Full article here:
How to Install and Configure UFW – An Un-complicated FireWall in Debian/Ubuntu (TecMint)
While this series is intended specifically for Raspberry Pi users, anyone new to Linux that would like to know how to secure their system would likely benefit from reading these articles from “The Unwritten Words”:
Raspberry Pi: Initial Setup (Security – Part I)
Raspberry Pi: iptables (Security – Part II)
Raspberry Pi: fail2ban (Security – Part III)
Here’s a quick tutorial on how to make unprivileged programs listen on privileged ports. The trick here is to make the unprivileged program to listen on an unprivileged port and redirect the privileged port to the unprivileged through iptables.
Full article here:
How to make unprivileged programs listen on privileged ports (catonmat.net)
Before moving into the article, let me tell you how this article has been written. This article starts with the introduction to knockd, and proceeds with the implementation of port knocking by using iptables. Note that the same port knocking can be achieved using knockd, as well, which will be discussed in the upcoming article.
Full article here:
Port knocking: Enhance Security Using knockd and/or Iptables From Basics (Unixmen)
For many Linux users this will be a “Thank you, Captain Obvious” type of post, but it’s one of those things that some Webmin users might not realize. If you use Webmin’s “Linux Firewall” configuration page to configure the iptables firewall in Linux, and you click “Apply Configuration”, it will remove fail2ban‘s rules from your active iptables configuration. So, you must go to a Linux command prompt and enter service fail2ban restart — UNLESS you make a small change in the Webmin “Linux Firewall” configuration.
From the Webmin “Linux Firewall” main page, click Module Config, then on the configuration page, in the “Configurable options” section, look for the line “Command to run after applying configuration.” Click the button next to the text box on that line, and in the text box enter service fail2ban restart and then click the Save button at the bottom of the page. That’s all you need — now every time you make a firewall change and click “Apply Configuration”, it will automatically restart fail2ban for you.
This article was originally published in November, 2010.
I’m not entirely certain of the original source of this article — I found it on one site, but a quick search reveals that the original source is most likely this site, but I may be wrong. The author of that article says he took some of the info in that article (looks like more than “some” from where I sit) from this article: How to: Linux Iptables block common attacks
Related articles found on that site are Using iptables to secure a Linux based Asterisk installation against hack attempts and Securing Asterisk – Fail2Ban (and that latter article looks suspiciously similar to this one: Fail2Ban (with iptables) And Asterisk).
I don’t know how valid or useful any of this is, but if you are running iptables on your system (if you’re not sure enter iptables -V on the command line — it should show you the version of iptables that is installed, if it is installed) then you might want to check these articles out. And if you find an earlier source for any of these, let me know and I’ll include the links. I know that in the technical community sometimes information gets copied around, but would it kill you guys to give attribution and a link to the original source when you are lifting information (or even raw text) from someone else’s article?
Recent Comments