[ubuntu-hardened] Hardening Network Security Questions
Jim Tarvid
tarvid at ls.net
Sun May 20 02:59:14 UTC 2018
iptables is not enough. You will need to maintain a list of banned ips.
failtoban - https://www.fail2ban.org/wiki/index.php/Main_Page is a good
start.
A hardware firewall will only add to confusion. See
https://github.com/trick77/ipset-blacklist
But ... backup first and always. I backup to a second server with rsync
daily. I inspect logins and new files daily.
On Fri, May 18, 2018 at 11:29 AM, bobby <architectofthefuture at gmail.com>
wrote:
> I was on the ubuntu forums, and a user had posted this:
>
> Always have both a hardware AND software firewall.
> Don't trust other computers on the same LAN implicitly. One of them may
> have been hacked and is being used to attack all other systems
>
> I had some clarification questions on these:
> 1. I am running iptables on my server. Is this not enough? Is a hardware
> device recommended as well?
> 2. How is this acted upon? How do I protect myself internally, from these
> types of attacks?
>
> --
> ubuntu-hardened mailing list
> ubuntu-hardened at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
>
>
--
Kindness Works!
Jim Tarvid
12897A Grays Pointe Road, Fairfax, Va 22033-2143
38.87782, -77.39270
703-657-0099 Condo
703-624-5289 Cell
703-594-7297 Google voice
202-753-0025 Tablet
http://ls.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20180519/58f1407b/attachment.html>
More information about the ubuntu-hardened
mailing list