Highest Voted 'firewall' Questions - Server Fault Stack Exchange

277

votes

15 answers

How to Unban an IP properly with Fail2Ban

I'm using Fail2Ban on a server and I'm wondering how to unban an IP properly. I know I can work with IPTables directly: iptables -D fail2ban-ssh But is there not a way to do it with the fail2ban-client? In the manuals it states something…

firewall iptables fail2ban

asked Jun 29 '11 at 11:43

psp

3,033
3
14
14

196

votes

22 answers

Is it normal to get hundreds of break-in attempts per day?

I just checked my server's /var/log/auth.log and found that I'm getting over 500 failed password/break-in attempt notifications per day! My site is small, and its URL is obscure. Is this normal? Should I be taking any measures?

linux security ssh firewall

asked Mar 08 '11 at 11:26

Kyle Cureau

1,537
3
11
15

139

votes

11 answers

best way to clear all iptables rules

I currently have this snippet: # flush all chains iptables -F iptables -t nat -F iptables -t mangle -F # delete all chains iptables -X Is there a possibility that some impervious rule will stay alive after running this? The idea is to have a…

linux iptables firewall

asked Nov 11 '10 at 03:18

kagali-san

1,921
5
17
20

121

votes

4 answers

How to check if a port is blocked on a Windows machine?

On the Windows platform, what native options to I have to check if a port (3306, for example) on my local machine (as in localhost), is being blocked?

windows networking firewall port

asked Jun 16 '09 at 14:21

Boris Pavlović

1,323
2
9
8

114

votes

7 answers

REJECT vs DROP when using iptables

Is there any reason why I would want to have iptables -A INPUT -j REJECT instead of iptables -A INPUT -j DROP

linux security firewall iptables

asked Jul 04 '10 at 09:49

Mike B

11,570
42
106
165

109

votes

4 answers

What firewall ports need to be open to allow access to external git repositories?

What firewall port(s) need to be open to allow access to external git repositories?

firewall port git

asked Oct 08 '10 at 14:43

markdorison

1,225
2
8
7

108

votes

20 answers

Why should I firewall servers?

PLEASE NOTE: I'm not interested in making this into a flame war! I understand that many people have strongly-held beliefs about this subject, in no small part because they've put a lot of effort into their firewalling solutions, and also because…

security firewall

asked Nov 12 '10 at 21:11

Ernie

5,324
6
30
37

102

votes

8 answers

Which ports do I need to open in the firewall to use NFS?

I'm running Ubuntu 11.10 - setting up NFS to share a directory among many other servers. Which ports are required to be opened on the firewall?

ubuntu firewall nfs

asked Apr 05 '12 at 21:01

kenny

1,133
2
8
6

93

votes

7 answers

SSH from A through B to C, using private key on B

I'm looking for a simple way to SSH from my local machine, A, through a proxy, B, to a destination host, C. The private key that goes with the public key on C is on B, and I can't put that key on my local machine. Any tips? Also, I'd like to be…

linux ssh firewall bash proxy

asked Dec 03 '11 at 04:56

wrangler

2,920
5
23
20

80

votes

2 answers

How to open port for a specific IP address with firewall-cmd on CentOS?

I would like to open port 4567 for the IP address 1.2.3.4 with the firewall-cmd command on a CentOS 7.1 server. How can I achieve this, as the documentation I could find was too specific on this?

centos firewall centos7 firewalld

asked Apr 22 '15 at 09:46

Michaël Perrin

903
1
7
7

69

votes

4 answers

How to PREPEND rules rather than APPEND using iptables?

Pretty basic question: how to PREPEND rules on IPTABLES rather than to APPEND? I have DROP statements at the bottom of my rules. I have a software to add new rules but adding rules after DROP statements isn't good. Every time I want to add a new…

networking firewall iptables

asked Mar 29 '12 at 19:23

ale

883
2
10
13

69

votes

1 answer

What is the difference between a Source NAT, Destination NAT and Masquerading?

What is the difference between a Source NAT, Destination NAT and Masquerading? For example, I thought IP Masqurading was what they used to call it in Linux? But what confuses me is that in our Astaro firewall there is IP Masquarading as well as NAT…

firewall nat

asked Mar 04 '10 at 23:54

hookenz

14,132
22
86
142

67

votes

4 answers

Windows equivalent of iptables?

Dumb question: Is there an equivalent of iptables on Windows? Could I install one via cygwin? The real question: how can I accomplish on Windows what I can accomplish via iptables? Just looking for basic firewall functionality (e.g. blocking certain…

windows firewall iptables

asked Nov 30 '10 at 22:38

Aaron F.

895
2
8
9

66

votes

8 answers

What steps do you take to secure a Debian server?

I am installing a Debian server which is connected directly to the Internet. Obviously I want to make it as secure as possible. I would like you guys/gals to add your ideas to secure it and what programs you use for it. I want part of this question…

linux security debian firewall

asked May 23 '09 at 20:49

Thomaschaaf

3,012
5
29
24

65

votes

2 answers

iptables: difference between NEW, ESTABLISHED and RELATED packets

Part of a firewall on a server : iptables -A INPUT -p tcp --dport 22 -m state NEW --state -m recent --set iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 100 --hitcount 10 -j DROP When I search online I always…

firewall iptables packet

asked Mar 19 '12 at 21:37

Kris

1,347
3
15
16

Questions tagged [firewall]