17 Search results

For the term "iptables".

Fail2ban ERROR /bin/sh iptables No such file or directory

In Fail2ban version 0.9 running on Debian 9 server fail2ban.action [17325]: ERROR -n -L INPUT | grep -q ‘f2b- [ \t]’ — stderr: b’/bin/sh: iptables: No such file or directory\n’ [edit] /etc/fail2ban/action.d/iptables-common.conf [change] iptables = iptables [to] /sbin/iptables = iptables

fail2ban.actions.action: ERROR iptables -D

fail2ban.actions.action: ERROR iptables -D INPUT -p tcp -m multiport –dports http,https -j fail2ban-apache-xxxxxxxxxxxxxxxxxxx iptables -F fail2ban-apache-xxxxxxxxxxxxxxxxxxx iptables -X fail2ban-apache-xxxxxxxxxxxxxxxxxxx returned 200 iptables only allows rules of up to 30 characters Shorten the name of the conf file solves the error

Block All Traffic to Your New Remote Server

I block all traffic to a new server while I setup users and environment using Netfilter AKA iptables. Nothing else gets in or out of the box but me. This requires 2 scripts actually. One to close the machine to all other IPs but mine, and one to “unblock”. You need to unblock while installing other software, re. LAMP, when...

Netfilter (iptables) Tips & Tricks

Netfilter (aka iptables) is how you stop any intrusions. As an example, PSAD can recognize attack patterns, but it is Netfilter that is then used to stop any communcations from getting a response. In otherwords, Netfilter can be told to ignore incoming requests; essentially making the server unreachable.

Harden Debian 7 Server with PSAD

Install Port Scan Attack Detector on Debian 7 Server sudo apt-get install psad sudo vi /etc/psad/psad.conf change these lines EMAIL_ADDRESSES me@seleads.com; HOSTNAME my.seleads.com; HOME_NET NOT_USED; ALERTING_METHODS noemail; IPT_SYSLOG_FILE /var/log/syslog; EMAIL_LIMIT_STATUS_MSG N; ENABLE_AUTO_IDS Y; AUTO_IDS_DANGER_LEVEL 2; AUTO_BLOCK_TIMEOUT 2592000; ENABLE_AUTO_IDS_EMAILS N; Restart psad psad -R psad –sig-update psad -H sudo vi /etc/cron.hourly/save-bad-ips #!/bin/sh PATH=/usr/share:/usr/sbin:/usr/bin:/sbin:/bin /sbin/iptables-save -c > /tmp/iptables-save.txt #echo “SELECT lockdown_IP FROM...

How To Block Traffic by Country using IPtables

http://www.linuxstall.com/block-country-iptables/ http://www.ipdeny.com/ipblocks/ http://www.ipdeny.com/ipblocks/data/countries/ #!/bin/bash # country codes ISO="cn it kr br ru tw af sa iq sy tr ua in jp id at ro pl bg vn hk ve th mx co ar ir cz ph eg pk" # set path IPT=/sbin/iptables WGET=/usr/bin/wget EGREP=/bin/egrep $IPT-save -c > /home/iptables/iptables_bak_$(/bin/date +\%Y\%m\%d\%H\%M\%S).txt SPAMLIST="countrydrop" ZONEROOT="/root/iptables" DLROOT="http://www.ipdeny.com/ipblocks/data/countries" cleanOldRules(){ $IPT -F $IPT -X $IPT -t nat...

nftables Beginner Examples

The first things you need to do and the commands that you need. Save and Translate your iptables rule into nftables rules when migrating from iptables to nftables are: Save iptables rules to text file iptables-save -c > iptables-saved-backup.txt Translate iptables rules to nftables text file iptables-restore-translate -f iptables-saved-backup.txt > ruleset.nft Active nftables rules nft -f ruleset.nft NOTE You should...

Setup LAMP Server Debian 9 Apache 2.4 MarianDB Php 7

Prerequisite is a fresh remote server with Debian 9 Stretch installed and booted From remote terminal Block all traffic iptable -F iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP Create a User sudo useradd -d /home/username -m username Set the User’s Password sudo passwd username Add the User to the Admin Group sudo adduser username adm...

How To Harden Debian Server

Its not enough to harden just Debain. Its necessary to harden the rest of Apache-MySQL-PHP as well. Harden MYSQL sudo mysql_secure_installation answer Yes to all questions (but no need to change password) Disabling SSH root login and settings sudo vi /etc/ssh/sshd_config change PermitRootLogin yes to PermitRootLogin no LoginGraceTime 120 to LoginGraceTime 30 add line AllowUsers username username username Consider disabling...

Tunnel MySQL Over SSH

Assuming On a “remote.com” server that we will connect to from our LocalMachine 1) MySQL database named “database” 2) MySQL database is running on remote server “remote.com” 3) MySQL is running and listening on (standard) localhost:port “127.0.0.1:3306” 4) MySQL username “mysql_user_name” 5) MySQL password “mysql_password” 6) SSH must be listening on port 9999 7) SSH AllowUsers “ssh_user_name” 8) SSH password...