Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Build a Linux firewall, that will only be opened when you needed it to be

Mar 31, 2009, 01:33 (1 Talkback[s])

[ Thanks to Ggarron for this link. ]

"One of the beauties about Linux is that it is really easy to administer it remotely, but that is also one of the major concerns about Linux security, if you have weak passwords, you are exposed to attacks, there are lots of ways to protect yourself, one of the easiest is to close the firewall, and only permit access to port 22 from some specific IPs, but this is not an option if you travel a lot or if you do not have a fixed IP, at the place you use to be when you access your remote server.

"Another approach is to have something like DenyHosts or fail2ban, both of them do almost the same, they block a port, (22 in the most used cases) when a threshold point of number of tries have been reached.

"Now I have found another way, you may have your firewall closed by default, but you will be able to open it when you need to access your server, and closed it again after use, the package that will do the magic is knockd, and as its name says, you will knock the door of the firewall and it will open itself for you, but you will need a secret type of knock, it is like the "Open/Close, Simsim" (Open/Close sesame)."

Complete Story

Related Stories: