Aug 8, 2010 I have noticed some posts need updating. I will be adding new posts for new software versions and moving old posts to a archive. If something on here is incorrect or needs updating sign up and leave me post or use our simple contact form on the right!
IPtables, SSH, Ubuntu Securty, etc..
No Comments 
Jul 1, 2010
Apr 20, 2010 #—————————————————————
# Initialize all the chains by removing all the rules
# tied to them
#—————————————————————
iptables –flush
iptables -t nat –flush
iptables -t mangle –flush
#—————————————————————
# The loopback interface should accept all traffic
# Necessary for X-Windows and other socket based services
#—————————————————————
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
#—————————————————————
# Allow outbound DNS queries from the FW and the replies too
#
# – Interface eth0 is the internet interface
#
# Zone transfers use TCP and not UDP. Most home networks
# websites using a single DNS server won’t require TCP statements
#
#—————————————————————
iptables -A OUTPUT -p udp -o eth0 –dport 53 –sport 1024:65535 \
-j ACCEPT
iptables -A INPUT -p udp -i eth0 –sport 53 –dport 1024:65535 \
-j ACCEPT
#—————————————————————
# Allow previously established connections
# – Interface eth0 is the internet interface
#—————————————————————
iptables -A OUTPUT -o eth0 -m state –state ESTABLISHED,RELATED \
-j ACCEPT
#—————————————————————
# Allow port 80 (www) and 22 (SSH) connections to the firewall
#—————————————————————
iptables -A INPUT -p tcp -i eth0 –dport 22 –sport 1024:65535 \
-m state –state NEW -j ACCEPT
iptables -A INPUT -p tcp -i eth0 –dport 80 –sport 1024:65535 \
-m state –state NEW -j ACCEPT
#—————————————————————
# Allow port 80 (www) and 443 (https) connections from the firewall
#—————————————————————
iptables -A OUTPUT -j ACCEPT -m state \
–state NEW,ESTABLISHED,RELATED -o eth0 -p tcp \
-m multiport –dport 80,443 -m multiport –sport 1024:65535
#—————————————————————
# Allow previously established connections
# – Interface eth0 is the internet interface
#—————————————————————
iptables -A INPUT -j ACCEPT -m state –state ESTABLISHED,RELATED \
-i eth0 -p tcp
#—————————————————————
# If a packet doesn’t match one of the built in chains, then
# The policy should be to drop it
#—————————————————————
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP
iptables -A FORWARD -j DROP
Feb 11, 2010 Two Simple Steps for updating ubuntu form within the shell:
sudo apt-get update
sudo apt-get upgrade
Video Walkthrough Below:
Feb 10, 2010 Here is the simple instructions and a video below.
sudo nano /etc/network/interfaces
look for this:
# The primary network interface
auto eth0
iface eth0 inet dhcp
Change it to this or whatever IP configuration you would like to use:
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
Here is a walk through video:
Home
Subscribe
