Saturday, July 25, 2009

/etc/motd

This computer system is for authorized users only. All activity is logged and regularly checked by systems personnel. Individuals using this system without authority or in excess of their authority are subject to having all their services revoked. Any illegal services run by a user or attempts to take down this server or its services will be reported to local law enforcement, and said user will be punished to the full extent of the law. Anyone using this system consents to these terms.

Thursday, July 9, 2009

Setting a firewall using ufw in ubuntu

First, what is ufw? As the man page puts it: "program for managing a netfilter firewall. This program is for managing a Linux firewall and aims to provide an easy to use interface for the user." Cool, easy to use! So how do you use it, given that the man page says it is easy?

1. Run from the terminal "ufw"

:~$ ufw

Usage: ufw COMMAND

Commands:
enable enables the firewall
disable disables the firewall
default ARG set default policy to ALLOW, DENY or REJECT
logging ARG set logging to OFF, ON or LEVEL
allow|deny|reject ARG add allow, deny or reject RULE
delete RULE delete the RULE
insert NUM RULE insert RULE at NUM
status show firewall status
status numbered show firewall status as numbered list of RULES
show ARG show firewall report
version display version information

Application profile commands:
app list list application profiles
app info PROFILE show information on PROFILE
app update PROFILE update PROFILE
app default ARG set profile policy to ALLOW, DENY, REJECT or SKIP
2. Enable it

:~$ sudo ufw enable

3. Set the default policy to DROP (deny)

:~$ sudo ufw default deny

4. Now look into your rules.

:~$ sudo iptables -L -n

Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-reject-forward all -- 0.0.0.0/0 0.0.0.0/0

...............

Note: if you have two network cards, eth0 and eth1, and you are FORWARDing traffic to an internal network (for example with NAT, with the firewall on the outside), you also need to make sure that /proc/sys/net/ipv4/ip_forward is set to 1.

5. Check the status

:~$ sudo ufw status
Status: active

6. Check if it's working.

:~$ tail /var/log/messages
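The six steps above as one script, added here as an example (it is not from the original post or from the ufw project). It keeps the post's `ufw default deny` form, and adds what a practitioner wants around it: SSH is allowed before the firewall is enabled so a remote session is not cut off, logging is switched on so step 6 has something to read, the ip_forward caveat is checked, and the log lines from step 6 are summarised per destination port instead of just tailed. The `--force` flag (skips ufw's interactive "may disrupt ssh" prompt), the `[UFW BLOCK]` kernel log prefix and the sample log lines are assumptions and constructed input, not taken from the post.

```shell
#!/bin/sh
# Added example (not from the original post or the ufw project): the post's
# steps as one script, in an order that does not lock a remote admin out,
# plus the checks a practitioner wants afterwards.

# Ordered ufw commands. Beyond the post's "default deny" + "enable", this
# allows SSH *before* enabling and turns logging on so step 6 has output.
# "ufw --force enable" skips the interactive "may disrupt ssh" prompt
# (assumed flag; check `ufw --help` on your version).
ufw_commands() {
    cat <<'EOF'
ufw default deny
ufw allow 22/tcp
ufw logging on
ufw --force enable
ufw status verbose
EOF
}

# Dry run: show the plan with sudo prefixed so it can be reviewed first.
print_ufw_plan() {
    ufw_commands | sed 's/^/sudo /'
}

# Really run the plan; refuses unless ufw is installed and we are root.
apply_ufw_plan() {
    if ! command -v ufw >/dev/null 2>&1; then
        echo "ufw is not installed" >&2; return 1
    fi
    if [ "$(id -u)" -ne 0 ]; then
        echo "run this with sudo/as root" >&2; return 1
    fi
    ufw_commands | while IFS= read -r cmd; do eval "$cmd"; done
}

# The post's forwarding caveat: returns 0 if IPv4 forwarding is on.
# The path argument is optional; the default is the real kernel knob.
ip_forward_enabled() {
    knob="${1:-/proc/sys/net/ipv4/ip_forward}"
    [ "$(cat "$knob" 2>/dev/null)" = "1" ]
}

# Step 6 made useful: count "[UFW BLOCK]" lines per destination port so a
# glance shows what the firewall is actually stopping. Reads stdin, prints
# "port count", busiest port first. Lines without DPT= (e.g. ICMP) and
# lines that are not ufw blocks are skipped.
count_ufw_blocks() {
    grep '\[UFW BLOCK\]' \
    | awk '{ for (i = 1; i <= NF; i++)
                 if ($i ~ /^DPT=/) { split($i, kv, "="); n[kv[2]]++ } }
           END { for (p in n) print p, n[p] }' \
    | sort -k2,2nr -k1,1n
}

# Constructed sample log lines (RFC 5737 documentation addresses); they are
# shaped like ufw's kernel log entries but are not real captured output.
SAMPLE_LOG='Jul  9 10:00:01 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=23 SYN
Jul  9 10:00:02 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40002 DPT=445 SYN
Jul  9 10:00:03 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP SPT=40003 DPT=23 SYN
Jul  9 10:00:04 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 PROTO=ICMP TYPE=8 CODE=0
Jul  9 10:00:05 host sshd[1234]: Accepted publickey for admin from 192.0.2.20'

# Usage:  sh ufw_setup.sh              -> print the plan and the checks
#         sudo sh ufw_setup.sh --apply -> actually run the ufw commands
if [ "${1:-}" = "--apply" ]; then
    apply_ufw_plan
else
    echo "Plan (nothing applied, use --apply):"
    print_ufw_plan
fi
if ip_forward_enabled; then
    echo "ip_forward is 1: FORWARD chain rules matter on this box"
else
    echo "ip_forward is 0: no routing between interfaces"
fi
echo "Blocked packets per destination port in the sample log:"
printf '%s\n' "$SAMPLE_LOG" | count_ufw_blocks
```

On a real host, pipe `grep 'UFW BLOCK' /var/log/messages` (or `/var/log/ufw.log`, depending on the release) into `count_ufw_blocks` instead of the constructed sample; a port that keeps showing up in the block counts is what you then decide to either allow explicitly or leave dropped.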


That's it!

Thanks to beginlinux for the howto.