network_security
Table of Contents
If you want to send us your comments, please do so. Thanks
More on comments
Network security
Software
- nftables. The program name is nft. nft is an administration tool of the nftables framework for packet filtering and classification
- Debian on iptables
- fail2ban - bans IP that makes too many password failures by adding firewall rules. An experience
- iptables (firewall) - administration tool for IPv4/IPv6 packet filtering and NAT
- netfilter-persistent - load, flush and save netfilter rule sets
- Debian on nftables
- sshguard - block brute-force attacks by aggregating system logs
- tcpd - access control facility for internet services
- tcpdump
- tcpspy
- ufw - program for managing a netfilter firewall
hosts files
man pages
- man 5 hosts.deny = man 5 host.allow = man 5 hosts_access - format of host access control files
- man 5 hosts_options - host access control language extensions
If you want to protect the portmapper read rpcbind(8) and rpc.mountd(8)
IP ranges (geo)
Configuration
You can use /etc/host.deny and /etc/hosts.allow to manage the network access to a computer
Add to /etc/host.deny
ALL : ALL
Add to /etc/hosts.allow
sshd: The IP address of the hosts who's access has to be granted
Free certificate authorites
- Buypass Go SS
- Lets Encrypt
- ZeroSSL
Local certificate authoroty
See setting up your own root certificate authoroty
Risks
Avahi can leak data since it is a file share and service detection system on the network
Useful and interesting links
Hypponens law
Punk spider searches for vulnerable websites
Main subjects on this wiki: Linux, Debian, HTML, Microcontrollers, Privacy
RSS
Disclaimer
Privacy statement
Bugs statement
Cookies
Copyright © : 2014 - 2024 Webevaluation.nl and the authors
Changes reserved.
network_security.txt · Last modified: 22-06-2023 13:06 by wim