Trump, Tariffs, and the Canadian Economy
5 days ago
Visitors
Popular Posts
-
Please read my previous post before you watch this video. 1. Setting Your Own Website On CentOS 6 (PHP 5 & MySQL 5) 2. Instal...
-
In my previous post, I showed you how to build an website from scratch with PHP and MySQL. Now, I will start to build my forum using phpB... -
This guide will help you to create a Task Schedule to Shutdown or Restart Windows Server Automatically. First, you have to download PSshu... -
It is so sad that the graphic management VMware ESXi is not support Linux OS so today I will write about how to use vCLI on Linux. -
There are many solutions that help typing Vietnamese on Linux (RedHat/Fedora/CentOS). One of those is SCIM. It is very simple to install Sc...
My Blog List
Basic Linux System Security
Tuesday, July 26, 2011
Understanding the basics of Linux security is the best method to keep your business from outside or inside attacks.
Security Through TCP Wrappers
TCP Wrappers is a host service that can be used to limit or control access from remote host. First, check for the TCP Wrappers package to make sure it is installed:
You can limit access to either users or hosts via the /etc/hosts.allow and /etc/hosts.deny files. The TCP Wrappers service scans the two files in the following:
+ Search the hosts.allow file.
+ Search the hosts.deny file.
+ If not found in either, allow.
For security, you should deny all access to the SSH service (/etc/hosts.deny):
sshd : all
Suppose that you want to restrict access to the SSH service and allow connection only from the local network except host 192.168.1.40 . In this case, you would use the following rule in the /etc/hosts.allow:
sshd : 192.168.1. EXCEPT 192.168.1.40
If you want to allow only a single IP address to be able to access the server, you could do something like this:
sshd : 192.168.1.2
You can restrict to hosts from particular domains with the following:
sshd : .itbox4vn.com
With this line in your /etc/hosts.allow file, you allow any system on the itbox4vn.com domain to access this server. When troubleshooting TCP Wrappers, you can use the /var/log/secure file to view any information that is recorded.
Firewall Rules Using iptables
Managing the firewall is essential because many services depend on being able to interact with the outside world or the rest of your network’s security. Because the firewall is set up be default, you just need to verify that package is set to start when the system boots up:
During the boot, the /etc/rc.d/init.d/iptables script executes and starts service with the rules found in /etc/sysconfig/iptables.
Before you start configuring rules, you can view any existing firewall rules:
Let’s look at a basic iptables example to see how a rule is created. Allow SSH connections over TCP port 22:
# iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
You can see that it is inserting this rule (I); using the default input chain (INPUT); matching only TCP connections (-m tcp); using the TCP protocol (-p tcp); looking for incoming connections on port 22 (--port 22); and, if a packet is found, jumping (-j) to the acceptant chain (ACCEPT) to allow the packet.
When Troubleshooting Firewall Rules and connections, you can temporarily disable the firewall to make sure that the firewall is really what is causing your problem in the first place. You can use the status option of the service command to view the status of iptables.
# service iptables status
Have fun!
