Firewall - How does it work?

Discussion in 'Installation/Configuration' started by AdrianSmithUK, Mar 27, 2009.

  1. AdrianSmithUK

    AdrianSmithUK New Member

    Hi

    Hackers have been trying to find their way into my server and I decided to switch on the firewall. The only problem is that I can't find much in the way of documentation as to what it does.

    - Can it stop flood attacks?
    - Does it deny service to rapid requests?
    - If it blocks somebody, does it do it for ever, 24 hours, 1 hour ...etc?
    - Does it block all unused ports?
    - etc

    In short - does anybody know where there is a specification or a description of how it works? More info on the monotoring system would also be useful (ie What does it do and an example of how to use it?)

    Kind Regards,

    Adrian Smith
     
  2. robilaur

    robilaur New Member

    Well in my opinion.... Isp firewall doesnt do mutch except filter some ports..... the real deal is with fail2ban and denyhost... if u configure this 2 properly you whont have problems... i`ve been working on this matter for the past 3 days... so... u need to modify this config
    Code:
    /etc/fail2ban/fail2ban.conf
    and set the max retry to 3 ( if the attaker fails to login from 3 attemps gets baned) , Set bantime to -1 (this means it will be a definete ban (until u restart fail2ban)) configure postfix and proftp option so they dont attack your ftp. and thats about it... u can look for denyhost conf also and try to make some ajustments there also... i made some but dont really remember what. Oh... and another thing is to change you ssh port from 22 to something else.... most hacker this day use a password tryer scaner...( they conect by default to ssh 22 and they try a lots of passwords...) oh... and keep your server up to date... If u whant to ban an IP .... just insert it in /etc/host.deny and restart hostdeny... i think thats permanent.

    Hope it helps...
     
  3. AdrianSmithUK

    AdrianSmithUK New Member

    Many Thanks

    Many thanks Robilaur.

    Your message is very helpful.

    Kind Regards,

    Adrian Smith
    London
     
  4. AdrianSmithUK

    AdrianSmithUK New Member

  5. AdrianSmithUK

    AdrianSmithUK New Member

Share This Page