Sunday, 11 January 2015

What considerations would I need when configuring iptables?


Synopsis


I am looking at learning more about Server Administration. I have been running my own web server for a few years, although many things were set up by my friend, and now I wish to learn more about these tasks.


I'm mainly curious about Security, Network security and firewalls, and would love to find a good resource/book to learn more about this.


Nevertheless, my intentions are:



  • To block all incoming connections except specific ports

  • To understand any security-related tasks I need to research


I have a short list of ports to allow incoming connections for:



$ iptables -A INPUT -p icmp -j ACCEPT # allows anyone to ping?
$ iptables -A INPUT -p tcp --dport 22 -j ACCEPT # allow public ssh
$ iptables -A INPUT -p tcp --dport 80 -j ACCEPT # allow public apache
$ iptables -A INPUT -p tcp --dport 443 -j ACCEPT # allow public apache (ssl)
$ iptables -A INPUT -p tcp --dport 9001 -j ACCEPT # allow a public service
$ iptables -A INPUT -j DROP # default drop


My list of rules above theoretically seems secure enough to block everything except 22, 80, 443 and 9001, but when these rules are active I cannot ssh into my server. Then I flush the rules (iptables -F) and I can ssh again.
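
Added example, not part of the original post: a small lint that reads an INPUT chain top to bottom, the way netfilter evaluates it, and reports whether a loopback accept and an ESTABLISHED/RELATED accept appear before the final DROP. These are two rules a default-drop ruleset conventionally carries, and the question's list has neither. The function name, the finding labels and the revised ruleset are assumptions made for illustration; the page does not confirm what caused the ssh failure.

```sh
#!/bin/sh
# Added example: lint an INPUT chain for two accepts a default-drop setup usually needs.

# The six rules from the question, as "iptables -S" style lines.
ORIGINAL_RULES='-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 9001 -j ACCEPT
-A INPUT -j DROP'

# Constructed variant (assumption, not from the post): loopback and reply
# traffic are accepted before the port rules and the final DROP.
REVISED_RULES='-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 9001 -j ACCEPT
-A INPUT -j DROP'

# lint_input_chain RULES
# Prints one finding per line, nothing when both accepts precede the DROP.
lint_input_chain() {
    printf '%s\n' "$1" | awk '
        $1 != "-A" || $2 != "INPUT" { next }
        # Rules are matched top to bottom; an unconditional DROP/REJECT ends
        # evaluation, so accepts appended after it never match.
        /^-A INPUT -j (DROP|REJECT)/ { exit }
        /-i lo / && /-j ACCEPT/ { lo = 1 }
        /-(ctstate|state) [A-Z,]*ESTABLISHED/ && /-j ACCEPT/ { est = 1 }
        END {
            if (!lo)  print "missing-loopback-accept"
            if (!est) print "missing-established-accept"
        }'
}

echo "original:"; lint_input_chain "$ORIGINAL_RULES"
echo "revised:";  lint_input_chain "$REVISED_RULES"
```

On a live host the same function can be fed the running chain with `lint_input_chain "$(iptables -S INPUT)"`.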


