where is the firewall?

Anthony Christopher sart057 at gmail.com
Thu Sep 17 00:57:59 UTC 2009 

Anthony Christopher wrote:
> robert rottermann wrote:
>   
>> NoOp schrieb:
>>   
>>     
>>> On 09/16/2009 11:52 AM, robert rottermann wrote:
>>>     
>>>       
>>>> first: where is the firewall, how do I configure it?
>>>>
>>>> iptables -L shows nothing.
>>>>
>>>> if there is (as I am afraid) no firewall, how is the access from the internet
>>>> block (the box is is used as a webserver).
>>>>
>>>>       
>>>>         
>>> $ locate iptables
>>> /sbin/iptables
>>> etc.
>>>
>>> If it's not there (should be):
>>> http://packages.ubuntu.com/dapper/iptables
>>>
>>> You may also find these links helpful:
>>>
>>> <http://ubuntu-tutorials.com/2009/06/03/getting-started-with-firewall-builder/>
>>> https://help.ubuntu.com/6.06/index.html
>>> [Server Guide - HTML, PDF]
>>> https://help.ubuntu.com/6.06/ubuntu/serverguide/C/index.html
>>> <https://help.ubuntu.com/6.06/ubuntu/serverguide/C/firewall-configuration.html>
>>>
>>>
>>>
>>>     
>>>       
>> thanks for your quick answer
>>
>> sorry, I was not precise enouth.
>> iptables is installed but there are no rules
>>
>> /sbin/iptables
>> iptables v1.3.3: no command specified
>> Try `iptables -h' or 'iptables --help' for more information.
>> root at ubuntu60664m:~# /sbin/iptables -L
>> Chain INPUT (policy ACCEPT)
>> target     prot opt source               destination
>>
>> Chain FORWARD (policy ACCEPT)
>> target     prot opt source               destination
>>
>> Chain OUTPUT (policy ACCEPT)
>> target     prot opt source               destination
>>
>> does that mean, that there i no firewall on this system?
>>
>> robert
>>
>>   
>>     
> It means that the firewall built-in to your operating system is pretty 
> much wide open, which with the minimalist ubuntu approach to 
> installation may not be as big of a problem as it first sounds.  But 
> your previous administrator may have been one of those people who when 
> they have something that works, stick to it, Thus they may have 
> installed some other firewall that worked for them on a different 
> system. Since most firewalls are started on boot-up, you might look 
> through the script names in /etc/init.d and read various files like 
> /etc/rc.local or the files in the /etc/network file tree to see if any 
> of them indicate the startup of a firewall.  It might be simpler though 
> to use a program that tests your systems network security and address 
> any IP vulnerabilities using an iptables firewall script.
>
>
>   
It also has come to mind that your server may sit in a network where 
some other box on the network, between you and the outside world may 
serve as a dedicated firewall for the box in question.  If this is the 
case then there probably exists someone with a job title like ¨network 
administrator¨ that can be asked about security for your server.

More information about the ubuntu-users mailing list