Managing Your Linux Firewall ... (via GUFW)
By: Olayanju Kayode firstname.lastname@example.org
Tested on Ubuntu 11.10 Oneiric
Introduction
- Gufw is a firewall front end powered by UFW, a.k.a. the “Uncomplicated Firewall”. It serves as a graphical implementation of UFW.
- Linux is a Unix-like, open-source operating system that has built-in security. However, there are additional administration tools to assist with “Layering the Network”. Here, we will show you how to use GUFW to manage your Linux firewall configuration.
For further details, go to http://help.ubuntu.com/community/Gufw.
Installation
To install Gufw, run the apt-get command in a terminal: apt-get install gufw
This requires administrator privileges; regular users can invoke the command through sudo.
Synaptic: Package Manager
The Synaptic Package Manager is an alternative way to install Gufw. If you are not comfortable using the command line, this GUI complements the functions of the apt-get command-line tool. To learn more about Synaptic, visit: https://help.ubuntu.com/community/Synaptic
Enable your Firewall
By default, GUFW is turned OFF. Locate the Status button and enable your firewall by switching it to ON. Next, you will be prompted to authenticate the changes to your firewall. Contact your administrator if you do not have root privileges.
NOTE: After enabling, the status alert in the bottom left-hand corner will update to “Enabled Firewall”.
Adding Rules
Adding rules lets you tailor the firewall to your network's needs. The available options are to Allow, Deny, Reject, or Limit TCP and UDP ports. Click the “+” sign to add a rule.
Security TIP: Be mindful of which ports you allow and deny! You may allow threats, or deny functional requirements.
Preconfigured
After selecting to add a rule, the “Preconfigured” option will be available. Here, you can decide which applications or services to control. Some of the applications include: Skype, Transmission, qTorrent. In this demo, we will select “Allow”, “In”, “Service”, and “SSH”. The firewall will then be configured to allow SSH services. SSH uses port 22.
Simple
In the “Simple” tab, you can configure your firewall to Allow, Deny, Reject, or Limit access to TCP ports, UDP ports, or both. Here, we will Reject ports 555 and 666. These ports are used for malicious activity and are associated with trojan programs that can affect your network systems.
REFERENCE: Port 555 is used for Ini-Killer, Phase Zero, and Stealth Spy. Port 666 is used for Satanz Backdoor, Attack FTP, Back Construction, BLA trojan, NokNok, Reverse Trojan, and Shadow.
Advanced
The “Advanced” tab gives you the option to configure port access for specific (static) IP addresses. Checking “Show extended options” provides configuration for firewall event logging. The logs can help with analysis as part of 24x7 server monitoring.
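The same configuration expressed through the ufw command line that Gufw drives, as an added example that is not part of the original slides: it adds the SSH rule before enabling the firewall so a remote session is not cut off, rejects ports 555 and 666, and then checks `ufw status` output for those rules. The `UFW_APPLY` variable, the function names and the sample status text are constructed for this example; without `UFW_APPLY=1` the script only prints the commands.

```sh
#!/bin/sh
# Added example (not from the slides): ufw CLI counterpart of the Gufw steps.
# Dry run by default: commands are printed. Set UFW_APPLY=1 (as root) to run them.
UFW_APPLY=${UFW_APPLY:-0}   # hypothetical switch used only by this script

run() { if [ "$UFW_APPLY" = 1 ]; then "$@"; else echo "$@"; fi; }

configure() {
    run ufw allow ssh     # Preconfigured tab: Allow / In / Service / SSH (port 22)
    run ufw enable        # Status switch ON; done after the SSH rule on purpose
    run ufw reject 555    # Simple tab: Reject port 555
    run ufw reject 666    # Simple tab: Reject port 666
    run ufw logging on    # global logging; assumed closest match to the log option
}

# Reads `ufw status` text on stdin. Succeeds only if the firewall is active,
# port 22 is allowed and ports 555 and 666 are rejected.
check_status() {
    awk '
        /^Status: active/                            { active = 1 }
        $1 ~ /^22(\/tcp)?$/ && $2 == "ALLOW"         { ssh = 1 }
        $1 ~ /^555(\/(tcp|udp))?$/ && $2 == "REJECT" { r555 = 1 }
        $1 ~ /^666(\/(tcp|udp))?$/ && $2 == "REJECT" { r666 = 1 }
        END { exit !(active && ssh && r555 && r666) }
    '
}

# Constructed sample of `ufw status` output, used for the dry run.
sample_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
555                        REJECT      Anywhere
666                        REJECT      Anywhere
EOF
}

configure
if [ "$UFW_APPLY" = 1 ]; then ufw status | check_status; else sample_status | check_status; fi
if [ $? -eq 0 ]; then echo "OK: rules match"; else echo "MISMATCH: review rules"; fi
```

A rule that Gufw shows as Deny instead of Reject will fail this check, which is intended: the slides choose Reject for ports 555 and 666.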