How to configure fail2ban to protect Apache HTTP server

An Apache HTTP server in production environments can come under attack in various ways. Attackers may attempt to gain access to unauthorized or forbidden directories by using brute-force attacks or executing evil scripts. Some malicious bots may scan your websites for any security vulnerability, or collect email addresses or web forms to send spam […]

How to block unwanted IP addresses on Linux efficiently

You may want to block IP addresses on your Linux box under various circumstances. For example, as an end user you may want to protect yourself from known spyware or tracker IP addresses. Or when you are running P2P software, you may want to filter out connections from networks associated with anti-P2P activity. If you […]

How to set up Squid as a transparent web proxy on CentOS or RHEL

In a previous tutorial, we have seen the method of creating a gateway using iptables. This tutorial will focus on turning the gateway into a transparent proxy server. A proxy is called “transparent” when clients are not aware that their requests are processed through the proxy. There are several benefits of using a transparent proxy. […]

How to set up Internet connection sharing with iptables on Linux

In this tutorial, I’ll explain how to share a single Internet connection among multiple devices on Linux. While consumer-grade WiFi routers have become mainstream nowadays, making this problem a non-issue, suppose you don’t have one at home. However, say you have a Linux box already assembled with a modem and a LAN card. The modem […]

How to close an open DNS resolver

The DNS server that we have created in the previous tutorial is an open DNS resolver. An open resolver does not filter any incoming requests, and accepts queries from any source IP address. Unfortunately, an open resolver can become an easy target to attackers. For example, attackers can initiate a Denial of Service (DoS) or […]

How to set up a transparent HTTPS filtering proxy on CentOS

The HTTPS protocol is used more and more in today's web. While this may be good for privacy, it leaves the modern network administrator without any means to prevent questionable or adult content from entering his/her network. Previously it was assumed that this problem does not have a decent solution. Our how-to guide will try to prove […]

How to configure firewall via command line on Linux

If you are looking to configure a firewall on Linux, consider CSF (ConfigServer Security & Firewall). CSF is an easy-to-use, yet versatile firewall configuration tool written in Perl. Using CSF, you can easily configure advanced firewall rules such as stateful packet inspection and intrusion detection filters via its command-line interface or the CSF configuration file. CSF is […]

How to protect SSH server from brute force attacks using fail2ban

One common attack on the SSH service is the brute-force attack, in which a remote attacker indefinitely attempts to log in with different passwords. Of course there are arguments against password authentication for SSH, and alternative authentication mechanisms such as public key authentication or two-factor authentication exist to render such attacks obsolete. Putting aside pros and cons of […]

What are available iptables management tools with GUI?

Netfilter is a packet filtering system within the Linux kernel used for intercepting and processing network packets. Iptables is a user-space program that relies on netfilter to implement stateless/stateful packet filtering for network firewalls, and address/port translation for NATs. There are many applications and tools that ease complex iptables management tasks with convenient graphical front-ends. […]

How to run iptables automatically after reboot on Debian

If you have customized iptables rules, and would like to load the customized iptables rules persistently across reboots on Debian, you can leverage if-up.d scripts that are located in /etc/network/if-up.d. On Debian, any script that is marked as executable and placed in /etc/network/if-up.d gets executed when a network interface is brought up. In order to […]