Monday, April 10, 2006

Installing Shorewall firewall on Ubuntu server

apt-get install shorewall

# vi /etc/default/shorewall

Now simply change

startup=0

to

startup=1

Save and exit.

vi /etc/shorewall/zones

#ZONE DISPLAY COMMENTS
net Net Internet
loc Local Private net

vi /etc/shorewall/interfaces
net eth0 detect routefilter,norfc1918,logmartians,nosmurfs,tcpflags,blacklist
loc eth1 detect tcpflags

vi /etc/shorewall/policy
fw net ACCEPT
fw loc ACCEPT
net all DROP info
# The FOLLOWING POLICY MUST BE LAST
all all REJECT info

vi /etc/shorewall/rules
ACCEPT net fw icmp 8
ACCEPT fw net icmp
ACCEPT net fw tcp ssh

Recheck the configuration files:
cat /etc/shorewall/rules
cat /etc/shorewall/policy
cat /etc/shorewall/interfaces

Then try to log in with ssh from outside.
Then scan yourself with the nmap scanner:
nmap -v -sS 192.x.x.x
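
What the scan and the ssh test should show can be worked out from the files beforehand. The following is an added example, not part of the original post: a simplified Python model of how Shorewall picks an action for a new connection (rules first, then the first matching policy line), loaded with the policy and rules listed above. It assumes only the ACTION/SOURCE/DEST/PROTO/PORT columns and a one-entry service table; `parse`, `zone_match` and `verdict` are names made up for the example.

```python
# Simplified model: rules are exceptions checked first; if no rule matches,
# the first matching line of the policy file decides.
# Assumption: no macros, host lists or extra columns are modelled.

POLICY = """\
fw net ACCEPT
fw loc ACCEPT
net all DROP info
all all REJECT info
"""  # copied from the policy file in the post

RULES = """\
ACCEPT net fw icmp 8
ACCEPT fw net icmp
ACCEPT net fw tcp ssh
"""  # copied from the rules file in the post

SERVICES = {"ssh": "22"}  # minimal stand-in for /etc/services

def parse(text):
    """Split a Shorewall-style file into column lists, skipping comments."""
    rows = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            rows.append(line.split())
    return rows

def zone_match(pattern, zone):
    return pattern == "all" or pattern == zone

def verdict(src, dst, proto, dport=None):
    """Return (action, origin) for a new connection from zone src to zone dst."""
    dport = SERVICES.get(dport, dport)
    for action, r_src, r_dst, *rest in parse(RULES):
        r_proto = rest[0] if rest else None
        r_port = SERVICES.get(rest[1], rest[1]) if len(rest) > 1 else None
        if (zone_match(r_src, src) and zone_match(r_dst, dst)
                and r_proto in (None, proto) and r_port in (None, dport)):
            return action, "rule"
    for p_src, p_dst, action, *_ in parse(POLICY):
        if zone_match(p_src, src) and zone_match(p_dst, dst):
            return action, "policy"
    return "REJECT", "no policy matched"  # fallback of this model only

if __name__ == "__main__":
    for case in [("net", "fw", "tcp", "22"), ("net", "fw", "tcp", "80"),
                 ("loc", "fw", "tcp", "22"), ("loc", "net", "tcp", "80")]:
        print(case, "->", verdict(*case))
```

With these files nothing from `loc` is accepted: SSH from the local network to the firewall, and any traffic from `loc` to `net`, falls through to the final `all all REJECT info` policy.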



