Create Linux Firewall and Prevent Attack from Outside

April 20, 2014
Sometimes we neglect to set up a firewall on a Linux server. Leaving your server open to attackers is a serious mistake. Your server may be safe and running well today, but you cannot know what will happen in the future. I suggest you create your own firewall for your server to prevent attacks from outside. How do you create one? I will show you a simple one.

Some Linux servers have iptables (the firewall application) by default. How do you activate this firewall? On the Red Hat family you only need the command "service iptables start" and iptables should start. Check whether your firewall is already running with the command "ps aux | grep iptables"; if it shows iptables from the bin directory, it has started. Now check your firewall configuration with the command "iptables -L", which lists your active firewall configuration. It should have a structure like the one below:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
INPUT = traffic coming from outside to the server
FORWARD = traffic passing through your server (LAN - SERVER - OUTSIDE or OUTSIDE - SERVER - LAN)
OUTPUT = traffic going from the server to outside

So what is a simple configuration for your server? First, decide which applications should be accessible from outside and which should not. As a sample, I chose to make ssh and http accessible from outside and block everything else. iptables has two important kinds of options: first, those that insert or delete a rule, and second, the action to take, such as drop, reject, or accept. Rules in a chain are checked in order, so a final REJECT rule catches everything the ACCEPT rules before it did not match. My sample allows ssh and http from outside. The commands:
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -j REJECT
The resulting configuration should look like this (use the command "iptables -L"):
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
REJECT     all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Now your firewall is active and only allows ssh and http from outside. After you finish configuring it, do not forget to save the rules and set the firewall to start at boot. How? Use these commands:
service iptables save
chkconfig iptables on
To confirm that iptables is set to start at boot, list your startup services with the command "chkconfig --list" and find iptables. If the iptables line looks like the one below:
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
then your iptables is already enabled at startup. Thank you.
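
A check worth running on the INPUT chain built above, as an added example that is not part of the original post: with only the two ACCEPT rules in front of the REJECT, replies to connections the server itself opens (DNS lookups, package downloads) and traffic on the loopback interface are rejected too. The script audits a rule listing in "iptables -S INPUT" format for those two gaps and for rules placed after the catch-all; the function names and both rule listings are constructed for illustration.

```shell
# Constructed sample: the article's three rules as "iptables -S INPUT" prints them.
article_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
EOF
}

# Constructed sample: same exposure, plus loopback and return-traffic rules.
hardened_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
EOF
}

# Reads an INPUT chain listing on stdin and prints one finding per line.
audit_input() {
  awk '
    /^-P INPUT DROP/ { deny = 1 }              # default-deny chain policy
    /^-A INPUT/ {
      # Anything after an unconditional REJECT/DROP can never match.
      if (closed) { print "UNREACHABLE " $0; next }
      if ($0 ~ /^-A INPUT -j (REJECT|DROP)/) { closed = 1; deny = 1; next }
      if ($0 !~ /-j ACCEPT/) next
      if ($0 ~ / -i lo /)    lo = 1            # loopback accepted
      if ($0 ~ /ESTABLISHED/) est = 1          # return traffic accepted
      for (i = 1; i < NF; i++) if ($i == "--dport") print "OPEN " $(i + 1)
    }
    END {
      if (!deny) print "MISSING default deny"
      if (!lo)   print "MISSING loopback accept"
      if (!est)  print "MISSING ESTABLISHED,RELATED accept"
    }'
}

echo "article rules:";  article_rules  | audit_input
echo "hardened rules:"; hardened_rules | audit_input
```

On a live server the same audit can be fed with "iptables -S INPUT | audit_input" (run as root) before "service iptables save".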