Thu. Jan 20th, 2022


If you would like a robust firewall in your Ubuntu Server, however one that gives a reasonably easy configuration, Jack Wallen thinks CSF is perhaps the precise instrument for the job.

windows-11-security-1.jpg

Illustration: Lisa Hornung/TechRepublic

Though Uncomplicated Firewall is an impressive safety service on Ubuntu Server, there is perhaps instances if you want extra. But when you do not have the time (or the inclination) to study the extremely advanced iptables, you may want an possibility that lies someplace in between. Such an possibility is the ConfigServer/Safety Firewall mixture, which provides a strong firewall answer that may be expanded with add-ons for issues reminiscent of login/intrusion detection, exploit checks, ping of dying safety, and extra.

I am going to stroll you thru the set up of CSF on Ubuntu Server 20.04.

SEE: Password breach: Why popular culture and passwords do not combine (free PDF) (TechRepublic)

What you will want

With the intention to set up CSF, you will want a operating occasion of Ubuntu Server and a consumer with sudo privileges. That is it. Let’s dive in.

Find out how to set up ConfigServer on Ubuntu Server 20.04

The very first thing to be accomplished is to put in the required dependencies. Log into your Ubuntu Server and subject the command:

sudo apt set up wget libio-socket-ssl-perl git perl iptables libnet-libidn-perl libcrypt-ssleay-perl  libio-socket-inet6-perl libsocket6-perl sendmail dnsutils unzip -y

When that command completes, obtain the most recent model of CSF with the command:

wget http://obtain.configserver.com/csf.tgz

Unpack that newly downloaded tar file with:

tar -xvfz csf.tgz

Turn into the newly created listing with:

cd csf

Set up CSF by operating the included script with:

sudo bash set up.sh

Earlier than we proceed on, let’s be certain iptables is loaded with:

sudo perl /usr/native/csf/bin/csftest.pl

You need to see:

Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf ought to operate on this server

Find out how to configure CSF on Ubuntu Server 20.04

We’re able to configure CSF. Open the configuration file with:

sudo nano /and many others/csf/csf.conf

The very first thing we should do is change the road:

TESTING = "1"

to 

TESTING = "0"

Subsequent, we have to limit rsyslog/syslog entry to members of a particular group. For this, find the road:

RESTRICT_SYSLOG = "0"

Change that line to:

RESTRICT_SYSLOG = "3"

Now comes the enjoyable half. Scroll down till you see the road beginning with:

TCP_IN

That is the place you possibly can configure ports to be allowed by way of the firewall. By default CSF will permit ports 20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993 and 995. Change that line to solely the ports you want open for the server in query.

Subsequent, discover the traces beginning with TCP_OUT, UDP_IN, and UDP_OUT and do the identical factor (configuring solely the ports you need open for incoming and outgoing visitors).

As soon as you have accomplished that process, save and shut the file. 

Begin and allow CSF with the command:

sudo systemctl allow --now csf

Find out how to block and permit IP addresses with CSF

This is without doubt one of the methods CSF stands out among the many competitors. Let me present you the way simple it’s to dam or permit an IP handle. To dam an IP handle, open the deny file with:

sudo nano /and many others/csf/csf.deny

On the backside of that file, add the IP addresses you need to block (one per line), like so:

192.168.1.100
192.168.1.101

You can even block a whole subnet like this:

192.168.1.0/24

To permit an IP handle, open the permit file with:

sudo nano /and many others/csf/csf.permit

In that file, add the IP addresses or subnets (in the identical approach you probably did for deny) after which save the file.

Lastly, you possibly can set CSF to exclude an IP handle within the csf.ignore file (which is configured in the identical approach you configured the deny and permit information).

And that is all there may be to putting in and configuring the ConfigServer Safety Firewall mixture on Ubuntu Server. For those who’re searching for a robust, but easy, firewall in your servers, this is perhaps precisely what you are searching for.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the most recent tech recommendation for enterprise execs from Jack Wallen.

Additionally see



Source link

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *