OP 09 January, 2022 - 07:03 AM
In order to secure your server, you will need a well-configured firewall.
Instead of blocking the things you do not want, block everything and only allow what you do want. This is also called whitelisting.
Warning: Be careful with your configuration, as you might lock yourself out of your server if it is not done correctly.
Do not run the commands one by one. Put them in a shell script and run that instead, otherwise you will be locked out before you can finish the firewall configuration.
First of all, block all traffic using iptables.
Code:
[code]
# Default policies: drop every packet that no later rule explicitly accepts
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
[/code]
If you left your iptables configuration like that, your server would be secure, but you would not be able to access it yourself either, so we have to add exceptions.
We assume you have SSH running on port 37282.
For you to be able to use SSH, you will have to add an iptables rule that allows traffic on that specific port.
Code:
[code]
# Loopback traffic is needed by many local services
iptables -A INPUT -i lo -j ACCEPT
# Incoming SSH on the custom port
iptables -A INPUT -p tcp -m tcp --dport 37282 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Replies from sshd back to the client, only for connections already accepted above
iptables -A OUTPUT -p tcp --sport 37282 -m state --state ESTABLISHED -j ACCEPT
[/code]
To further harden the system you could allow access to the port from one specified IP only.
A port knock would be another step: the SSH port is only opened after a single IP has connected to a specific set of ports in a specific order.
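The steps above (drop-by-default policies, the SSH exception, and the optional restriction to one admin IP) can be put together in a single script, which is also the safest way to apply them. The script below is an added example, not part of the original post. It assumes the SSH port 37282 from the post and uses 203.0.113.10 as a placeholder admin address; it prints the rules in iptables-restore format so the whole set is loaded in one atomic step, and the optional apply function keeps a rollback timer that restores the previous rules if you lose your session.

```shell
#!/bin/sh
# Added example: whitelist firewall generator for the tutorial above.
# Assumptions: SSH_PORT defaults to 37282 (from the post), ADMIN_IP is an
# optional source restriction (203.0.113.10 below is a documentation address
# used as a placeholder, not a real host).

# Print a complete ruleset in iptables-restore format.
# $1 = SSH port, $2 = optional admin IP (empty = allow SSH from anywhere)
build_ruleset() {
    ssh_port="$1"
    admin_ip="${2:-}"
    src_match=""
    if [ -n "$admin_ip" ]; then
        src_match="-s $admin_ip "
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# loopback is needed by many local services
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# replies for connections the server already accepted (covers sshd replies)
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# new SSH connections on the custom port, optionally from one address only
-A INPUT -p tcp ${src_match}--dport ${ssh_port} -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Apply the ruleset atomically with a safety net: the previous rules are
# restored after ROLLBACK_SECONDS unless the background timer is killed,
# which you do once you have confirmed that a fresh SSH login still works.
# Requires root; only called when APPLY=1 is set in the environment.
apply_ruleset() {
    backup="$(mktemp)"
    iptables-save > "$backup"
    build_ruleset "$@" > "${backup}.new"
    iptables-restore < "${backup}.new"
    ( sleep "${ROLLBACK_SECONDS:-120}"; iptables-restore < "$backup" ) &
    echo "Rules applied. Run 'kill $!' within ${ROLLBACK_SECONDS:-120}s to keep them."
}

if [ "${APPLY:-0}" = "1" ]; then
    apply_ruleset "${SSH_PORT:-37282}" "${ADMIN_IP:-}"
else
    # default: just print the ruleset for review
    build_ruleset "${SSH_PORT:-37282}" "${ADMIN_IP:-}"
fi
```

Review the output first (`sh firewall.sh`), then apply it as root with `APPLY=1 ADMIN_IP=203.0.113.10 sh firewall.sh` and open a second SSH session before the timer expires; only kill the timer once that login succeeds. Loading the rules through iptables-restore instead of one `iptables` call at a time is what removes the lock-out window the post warns about.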
If you enjoyed this tutorial please leave me a LIKE