Okay,

Last night I installed slackware on my old computer intending to make a server for apache, samba and perhaps router later on. Now I am wondering what kind of security measures should I put in there. Firewalls and such. I'm pretty new to linux but I think it will be secure if properly confed


I've been using SSH connection on it with Putty and noticed I've had several connection attempts from a single IP-address from another country trying to access my root or user accounts. What can I make to stop this from happening.

Have a look at the LQ FAQ: Security references.

Ah... danke. Again if I only had browsed the right forum....

But I'll read those and check back if/when problems appear.

A very easy-to-install IPTABLES firewall script is arno-iptables-firewall. If you search the net you can find it.

I did this right after I installed slackware (new to linux) and I could figure it out...the instructions are great.

This will stealth all your ports, and not respond to pings.

Okay, I installed the arno firewall (package found in linuxpackages.net). Now I can't access my server from other machine using putty. I know this is the firewall blocking ALL the traffic but how can I change this? I need to conf the /etc/arno-iptables-firewall.conf file, correct? What line? I only found that I could give access to certain card which connects to my LAN but I use the same card for net and if I enable that I enable ALL the traffic again rendering the firewall useless...

confusing.

If you need a GUI firewall configuration tool, you should probably look at guarddog.

On the other hand, you're running a server, so you probably don't want to be running X.

Note that guarddog is a configuration tool for Ip-tables, so you should be fine if you use it. It's not a stand-alone third party firewall.

There should be some notes on the website? I was not creating a server, just a desktop, so I was glad to have something to make me mostly disappear. I'm sure there is a simple way to get arno-iptables to work. This is a very common requirement.

Somebody check me on it, but I think guarddog requires KDE. I only run X so I couldn't use it. I decided on arno since it doesn't require any w/m.

shorewall + denyhost is all you need. when someone is trying to login to your box and fails, denyhost will automatically add that ip to your hosts.deny file. i have mine defined to add to the file with 2 failed login and i know my login wont fail since im using public key authentication. also with shorewall its pretty easy to only allow a single ip to connect using ssh. shorewall is just another frontend for iptables like the others mentioned here but it was the easiest for me to install and configure.