Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Securing machine exposed to internet  (Read 3026 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Securing machine exposed to internet
« on: June 19, 2019, 08:58:23 AM »

I have an Ubuntu machine that is hosted. It’s currently sitting in the internet with no firewall in front of it. Could someone help me to secure it to a sane standard, also firewalling considerations?
Logged

parkdale

  • Reg Member
  • ***
  • Posts: 597
Re: Securing machine exposed to internet
« Reply #1 on: June 19, 2019, 01:21:50 PM »

https://help.ubuntu.com/community/IptablesHowTo will explain how to set a firewall....  Although I seem to remember you had a go at this before and locked yourself out :-\
Logged
Vodafone FTTC ECI cab 40/10Mb connection / Fritz!box7590

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Securing machine exposed to internet
« Reply #2 on: June 19, 2019, 04:10:51 PM »

I did, and ended up, locked out. I talked to Burrakucat about that. I have no problem in that I don’t lose anything, as all my sources are backed up on my iPad but having to reinstate everything by hand is a pain after I wreck the machine and have to wipe it. I need to get some system sorted out for backing up the core configuration stuff. But that is a nightmare.

Another question I wanted to ask about software firewalling. I am obviously not completely shielding the machine from loss of CPU cycles but I suppose the software firewall throws things away before it can have any further knock-on implications caused by processes that accept requests for communication on particular ports and go on to do something or other even if it is only to find out after a very short time that the communicant is illegitimate and thus rejecting it. Maybe the firewall provides a shortcut to rejection, in a guaranteed minimum time.

If you are not using firewalling as a form of ACL security measure, where the blocking of certain ports / protocols is used  to prevent users running certain types of software successfully. But if you have no rogue users then is there any point to a software firewall?

I was also thinking about other security basics though. What else should I be thinking of?

Burrakucat has volunteered to nmap me.
« Last Edit: June 19, 2019, 04:20:45 PM by Weaver »
Logged