Linux Today: Linux News On Internet Time.

Build a Linux firewall, that will only be opened when you needed it to be

Mar 31, 2009, 01:33 (1 Talkback[s])

[ Thanks to Ggarron for this link. ]

"One of the beauties about Linux is that it is really easy to administer it remotely, but that is also one of the major concerns about Linux security, if you have weak passwords, you are exposed to attacks, there are lots of ways to protect yourself, one of the easiest is to close the firewall, and only permit access to port 22 from some specific IPs, but this is not an option if you travel a lot or if you do not have a fixed IP, at the place you use to be when you access your remote server.

"Another approach is to have something like DenyHosts or fail2ban, both of them do almost the same, they block a port, (22 in the most used cases) when a threshold point of number of tries have been reached.

"Now I have found another way, you may have your firewall closed by default, but you will be able to open it when you need to access your server, and closed it again after use, the package that will do the magic is knockd, and as its name says, you will knock the door of the firewall and it will open itself for you, but you will need a secret type of knock, it is like the "Open/Close, Simsim" (Open/Close sesame)."

Complete Story

Related Stories: