
Deny hacking attempts using fail2ban

As we know, iptables is the weapon of choice for most Linux admins nowadays to manage traffic and access in and out of servers. Creating iptables chains and updating them by hand is old-fashioned and outdated now. So I use the APF firewall for most of the Linux servers that are not using the AWS cloud service.

AWS highlights


Useful commands to find the hacker programs and OS behavior

Recently I got an opportunity to work with certain hacked servers which were compromised due to poor administration. As we know, the Heartbleed, Shellshock and POODLE attacks came out recently.

1. Heartbleed vulnerability: due to a buggy OpenSSL release; resolved by updating the package to the latest version
2. Shellshock: a buggy and hidden […]

IPTables : How do I block access from a country

Recently there were attempts to hack one of the servers from various countries, especially Ukraine, France and China, even though all our customers are located in the US. So we do not need to open web access to any of these countries, as they are not in our customer region.

After a few Google […]

APF : Adding custom rules in firewall

APF is installed on one of my servers and I need to add one additional rule to the APF firewall. I need to enable post-routing in the firewall for VPN server purposes.

It's simple: just add your iptables rules in "/etc/apf/postroute.rules".

[root@godisgr8t ~]# cat  /etc/apf/postroute.rules | grep "iptables"
/sbin/iptables  -t nat -I POSTROUTING -s  -o […]

How do I open a port in the APF firewall and add my IP as trusted

APF is a policy-based iptables firewall which is very useful for blocking DDoS attacks on heavy-traffic servers. The issue is when we developers/testers are using the same server, which will deny all the traffic from their static IP. This is a major headache in most cases.

1. Opening port in apf firewall […]