Your SlideShare is downloading. ×
Linux Firewall - NullCon Chennai Presentation
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Linux Firewall - NullCon Chennai Presentation

189
views

Published on

Our presentation at Null Con Chennai

Our presentation at Null Con Chennai

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
189
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Fedora, Redhat
  • Masquaredes all outgoing traffic
    Filter both incoming and outgoing traffic
    Port forward incoming traffic for your servers
  • Transcript

    • 1. Linux Firewall June 29 2014 Vinoth Sivasubramanian Ganapathy Kannan
    • 2. Agenda  Introduction to Linux Firewalls  Firewall Basics  IP Tables  Firewall Management  Challenges and Solutions
    • 3. Introduction  Why Need a Firewall  Improved Access Control at Network Layer and Transport Layer  Better Detection Capabilities  Why Linux Firewalls  Open source  Low Cost  Flexible  Can align with business and user need  Continual improvement
    • 4. What is a firewall?  What is a firewall ??? A firewall is a device filtering traffic between 2 or more networks based on predefined rules
    • 5. IP Chains  IP Chains Loadable kernel module that performs packet filtering Comes with most Linux distribution No Port Forward Concept of chain ( Input , Output and Forward)
    • 6. IP Tables  IP Tables Loadable kernel module Since kernel 2.4.x Everything of IP Chains plus stateful inspection, improved matching and port forward More customized login  Requires expertise and careful study of organization
    • 7. IP Tables – Implementation – Command Line  Open a terminal window ( Must be logged in as root ) typing #iptables iptables<version number: no command specified ( If IP tables already installed)  IF IP tables are not installed then follow the follow instructions to enable IP Tables IP tables can be downloaded from http://www.nefilter.org #tar –xvjf ./iptables-1.*.*.tar.bz2 –c/usr/src #cd /usr/src/iptables-1.*.* ( to the directory it has created) #/bin/sh –c make #/bin/sh –c make install  to finish the install
    • 8. Implementation of policies Sample #iptables –P INPUT/DROP/ACCEPT #iptables –P OUTPUT/DROP/ACCEPT #iptables –P FORWARD/DROP/ACCEPT
    • 9. Implementation of policies Implementing Rules #iptables –A INPUT I eth0 –p tcp (–s 192.168.0.222) –dport 22 –j drop A to append the rule at the bottom of specified chain I to insert the rule at the top of the specfified chain I income interface P protocol S incoming ip Dport destination port Sport source port O outgoing interface D destination ip #service iptables save
    • 10. Implementation of policies Deleting rules # iptables –D INPUT <number> #iptables –D INPUT – i eth0 –p tcp dport 22 –j DROP
    • 11. Implementation of policies using GUI # system-config-firewall in command line Or System  Administration  Firewall in the Menu
    • 12. Implementation of policies using GUI Sample Snapshot
    • 13. Typical Implementation Internal LAN DMZ Servers Internal LAN Router Internet
    • 14. Tools for Compiling IPTables  www.fwbuilder.org  Online tool to help build Linux firewall rules ( Open source)  fwlogwatch.inside-security.de/  Tool to analyse IP tables logs  Challenges  No clear visibility on flow of traffic , ports and services used in the organization  Solutions to them are documenting the ports, services being used in the organization  Does not do deep packet inspection to filter malicious traffic
    • 15. Thank You Q& A