SECURITY: How to install firewalls and such for slack
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
SECURITY: How to install firewalls and such for slack
Okay,
Last night I installed slackware on my old computer intending to make a server for apache, samba and perhaps router later on. Now I am wondering what kind of security measures should I put in there. Firewalls and such. I'm pretty new to linux but I think it will be secure if properly confed
I've been using SSH connection on it with Putty and noticed I've had several connection attempts from a single IP-address from another country trying to access my root or user accounts. What can I make to stop this from happening.
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705
Rep:
Quote:
Originally Posted by Zmyrgel
Okay,
Last night I installed slackware on my old computer intending to make a server for apache, samba and perhaps router later on. Now I am wondering what kind of security measures should I put in there. Firewalls and such. I'm pretty new to linux but I think it will be secure if properly confed
I've been using SSH connection on it with Putty and noticed I've had several connection attempts from a single IP-address from another country trying to access my root or user accounts. What can I make to stop this from happening.
A very easy-to-install IPTABLES firewall script is arno-iptables-firewall. If you search the net you can find it.
I did this right after I installed slackware (new to linux) and I could figure it out...the instructions are great.
This will stealth all your ports, and not respond to pings.
A very easy-to-install IPTABLES firewall script is arno-iptables-firewall. If you search the net you can find it.
I did this right after I installed slackware (new to linux) and I could figure it out...the instructions are great.
This will stealth all your ports, and not respond to pings.
Okay, I installed the arno firewall (package found in linuxpackages.net). Now I can't access my server from other machine using putty. I know this is the firewall blocking ALL the traffic but how can I change this? I need to conf the /etc/arno-iptables-firewall.conf file, correct? What line? I only found that I could give access to certain card which connects to my LAN but I use the same card for net and if I enable that I enable ALL the traffic again rendering the firewall useless...
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705
Rep:
Quote:
Originally Posted by Zmyrgel
Okay, I installed the arno firewall (package found in linuxpackages.net). Now I can't access my server from other machine using putty. I know this is the firewall blocking ALL the traffic but how can I change this? I need to conf the /etc/arno-iptables-firewall.conf file, correct? What line? I only found that I could give access to certain card which connects to my LAN but I use the same card for net and if I enable that I enable ALL the traffic again rendering the firewall useless...
confusing.
There should be some notes on the website? I was not creating a server, just a desktop, so I was glad to have something to make me mostly disappear. I'm sure there is a simple way to get arno-iptables to work. This is a very common requirement.
Somebody check me on it, but I think guarddog requires KDE. I only run X so I couldn't use it. I decided on arno since it doesn't require any w/m.
shorewall + denyhost is all you need. when someone is trying to login to your box and fails, denyhost will automatically add that ip to your hosts.deny file. i have mine defined to add to the file with 2 failed login and i know my login wont fail since im using public key authentication. also with shorewall its pretty easy to only allow a single ip to connect using ssh. shorewall is just another frontend for iptables like the others mentioned here but it was the easiest for me to install and configure.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.