I think it would be really nice of you to give out a firewall template for a standard web server.
With protections etc. And a bit of documentation on that.
firewalling rulesets
firewalling rulesets
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
-
- Forum Regular
- Posts: 661
- Joined: Mon Oct 29, 2007 6:51 pm
Re: firewalling rulesets
Check out APF - its pretty good
http://www.rfxn.com/projects/advanced-policy-firewall/
I think its also available in atomic
yum install apf
http://www.rfxn.com/projects/advanced-policy-firewall/
I think its also available in atomic
yum install apf
Re: firewalling rulesets
I use iptables in my fw. Apf is just a change in the interface ... Nothing more.
I only suggested that to the guys cause I believe this could come in handy for many people.
Especially some rules for denial of service.
I only suggested that to the guys cause I believe this could come in handy for many people.
Especially some rules for denial of service.
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: firewalling rulesets
Yeah I agree, we did cover some standard rule groups like you're talking about in the book. Its definitely something we'll be working on in future ASL modules.
Re: firewalling rulesets
What Book ?scott wrote:Yeah I agree, we did cover some standard rule groups like you're talking about in the book. Its definitely something we'll be working on in future ASL modules.
Yeah. I think since ASL deserves it. You have done a very nice job in hardening security and missing something so important is a pity.
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: firewalling rulesets
The book we wrote that is on the front page of the website "Troubleshooting Linux Firewalls" by Addison-Westley-Prentice-Hall
Re: firewalling rulesets
May I please have a GPL pdf of it ? hehe Just kidding. I'll check it outscott wrote:The book we wrote that is on the front page of the website "Troubleshooting Linux Firewalls" by Addison-Westley-Prentice-Hall
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Re: firewalling rulesets
"Troubleshooting Linux Firewalls" is great and has really helped me understand the deeper principles of data flow into/out of networks, helping improve office network security as well as on servers in the wild. Insights, tips and guides in this book have convinced (and helped) me to hand-roll firewall/iptables rules as it is by far and away the most flexible approach (for me at least).
-
- Forum Regular
- Posts: 661
- Joined: Mon Oct 29, 2007 6:51 pm
Re: firewalling rulesets
want to send me a copy or two - every 10 licenses of ASL you get a book :p