UFW optimization

Fungusamongus27
Member with 31 posts.
Join Date: Mar 2009
Experience: Beginner
27-Apr-2009, 11:46 PM #1
UFW optimization
Hi once again, having trouble with the iptables. I know very little about firewalls, let alone one so complex (to me anyway). I want to know how to optimize the firewall to be as secure as it can be. I would prefer UFW since I heard that it was superior to the other ones. I know that this is a hard question but I come from Windows and firewalls for it are automatic. Thanks a lot.

EDIT for my earlier EDIT: umm... let me rephrase this: All (and I mean ALL) the guides that I found just tell me how to configure it myself. As I know very little about networking, I need a guide that tells me what to do to optimize it. Does this depend on what I want to use?

Last edited by Fungusamongus27; 28-Apr-2009 at 08:30 PM.
lotuseclat79
Distinguished Member with 21,345 posts.
Join Date: Sep 2003
Location: -71.45091, 42.27841
29-Apr-2009, 07:39 PM #2
Hi Fungusamongus27,

Read this thread on how to implement a Beginner's iptables scheme. Copy the scripts and read all of the messages in the thread to make sure you understand everything:
HOWTO: Set a custom firewall (iptables) and Tips [Beginners edition].

I don't know where you heard that ufw is superior to other interfaces, but since you appear to be at the novice level regarding firewalls, the above link has done most of the work, and if you read and follow the directions you will have a robust and restrictive iptables firewall.

BTW, ufw is just a different interface for iptables - not for novices.

The directions in the above thread are from the Ubuntu forum, but are applicable to any Linux distribution because the Linux kernel contains iptables capability - what is required is to give it rules to live by which is a user choice, different for every user according to their needs.

-- Tom
__________________
The independence created by philosophical insight is - in my opinion - the mark of distinction
between a mere artisan or specialist and a real seeker after truth. - Einstein 1944
Imagination is more important than knowledge. - Einstein
Fungusamongus27
Member with 31 posts.
Join Date: Mar 2009
Experience: Beginner
01-May-2009, 12:18 AM #3
Thanks for the help again. I used the firewall script the person told me to copy. However, how do I know if it's activated (the command he gave didn't work)?

Last edited by Fungusamongus27; 01-May-2009 at 01:01 AM.
lotuseclat79
Distinguished Member with 21,345 posts.
Join Date: Sep 2003
Location: -71.45091, 42.27841
01-May-2009, 10:09 AM #4
Quote:
Originally Posted by Fungusamongus27
"Thanks for the help again. I used the firewall script the person told me to copy. However, how do I know if it's activated (the command he gave didn't work)?"

What command are you talking about?

If you followed ALL of the directions, i.e. there is more than one script to install, then the command (given as root):
    # /etc/init.d/firewall start
should work.

Note: /etc should have two scripts: firewall.bash and flush_iptables.bash
and /etc/init.d should have one script: firewall

To test if your firewall rules are working, issue the following command:
    $ sudo iptables -L
If you get output such as the following, then it is working:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    FIREWALL   all  --  anywhere             anywhere

    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    DROP       all  --  anywhere             anywhere

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

    Chain FIREWALL (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere
    TRUSTED    all  --  anywhere             anywhere
    DROP       all  --  anywhere             anywhere

    Chain TRUSTED (1 references)
    target     prot opt source               destination
-- Tom
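
An added example, not part of the original post or the linked HOWTO: a shell function that reads plain `iptables -L` text and reports whether any INPUT rules are loaded, whether unmatched inbound traffic ends at a catch-all DROP or REJECT, and how many ACCEPT lines show no visible match. The names `audit_listing`, `sample_listing` and `empty_listing` are made up for this example; the sample is the listing from the post above with the FORWARD and OUTPUT chains left out, and the empty listing is constructed.

```shell
# Added example (not from the thread): summarise plain `iptables -L` text on stdin.
audit_listing() {
    awk '
    $1 == "Chain" {                       # e.g. "Chain INPUT (policy ACCEPT)"
        chain = $2; seen[chain] = 1
        if ($3 == "(policy") { p = $4; sub(/\)$/, "", p); policy[chain] = p }
        next
    }
    NF == 0 || $1 == "target" { next }    # blank lines and column headers
    {
        rules[chain]++                    # five fields = no match beyond "all -- anywhere anywhere"
        catchall = (NF == 5 && $2 == "all" && $4 == "anywhere" && $5 == "anywhere")
        last[chain] = $1; lastall[chain] = catchall
        if (catchall && $1 == "ACCEPT") accepts[chain]++
    }
    END {
        loaded = (rules["INPUT"] > 0 || policy["INPUT"] == "DROP") ? "yes" : "no"
        c = "INPUT"                       # follow a final catch-all jump, e.g. to FIREWALL
        if (lastall[c] && (last[c] in seen)) c = last[c]
        deny = (policy["INPUT"] == "DROP" || (lastall[c] && last[c] ~ /^(DROP|REJECT)$/)) ? "yes" : "no"
        printf "loaded=%s default_deny=%s unqualified_accepts=%d\n", loaded, deny,
               accepts["INPUT"] + (c != "INPUT" ? accepts[c] : 0)
    }'
}

# Listing from the post above (FORWARD and OUTPUT chains omitted).
sample_listing() { cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
FIREWALL   all  --  anywhere             anywhere

Chain FIREWALL (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
TRUSTED    all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain TRUSTED (1 references)
target     prot opt source               destination
EOF
}

# Constructed: what INPUT looks like when no rules are loaded.
empty_listing() { cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

sample_listing | audit_listing
```

The `unqualified_accepts=1` result is the `ACCEPT all -- anywhere anywhere` line: plain `-L` does not print interface matches, so run `sudo iptables -L -v` to confirm that rule is limited to an interface such as `lo`, because an unrestricted ACCEPT ahead of the final DROP would make the DROP unreachable.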
Fungusamongus27
Member with 31 posts.
Join Date: Mar 2009
Experience: Beginner
01-May-2009, 09:04 PM #5
Alright, thanks, it works. Is there any way I can test it?

Last edited by Fungusamongus27; 01-May-2009 at 09:21 PM.
lotuseclat79
Distinguished Member with 21,345 posts.
Join Date: Sep 2003
Location: -71.45091, 42.27841
02-May-2009, 08:12 AM #6
Try Shields Up!, or Nmap Online.

-- Tom