Skip to main content

Brief Setup on Ubuntu UFW

As security is elusive ever since mankind invented encryption methods. It is important to set some form of wall to keep some marauding data thieves out of the walled 'data' garden. The old timeless saying of 'better late than never' rings true in this context.

A firewall is a basic protection for personal consumers since the late 1990s when internet usage becomes prevalent. In Ubuntu 16.04, the firewall typically consists of UFW (Uncomplicated Firewall). There is a graphical front-end but if you prefer to use commandline or your
computer is in need of more computing resource, the UFW is your preferred choice.

This brief is on setting up Ubuntu UFW using the gnome console or terminal using relatively simple rules (in comparison to setting up the Linux Firewall using iptables).

As an average user, we need to open certain ports to access the internet. Without a firewall, the 'attack surface' (as security commentators commonly use it to label the 'connection loopholes' that cyber 'predator' discover to 'listen' on its 'prey' ) is big enough to break into and is detrimental to your internet security.

The list of TCP and UDP and its concomitant service description can be found on the Wikipedia here.  If you are curious to know more in depth, you can go to the Internet Assigned Numbers Authority website (IANA website) to read further on the ports available.

To add rule to allow incoming access to your network, we execute the command:

sudo ufw allow 993/tcp

To delete rule that you have added, we execute the command:

sudo ufw delete allow 993/tcp

To add rule to allow outgoing access to the external network, we execute the command:

sudo ufw allow out 465/tcp

Similarly, to delete the outgoing rule we have added above, we execute:

sudo ufw delete allow out 465/tcp

To view the status of the UFW rules we have added to date, we execute:

sudo ufw status

That's all for today!

Attached is a screenshot of the UFW Rules (v6 stands for ipv6) and you can check /etc/default/ufw for the configuration:


Follow my blog with Bloglovin

Comments

Post a Comment

Popular posts from this blog

Repairing Fedora Grub using Fedora Live USB

First, Prepare the Fedora Workstation Live CD using Fedora Media Writer. Next, run the Workstation Live CD and run the console. Then, enter the following commands if you are running the separate boot and root partition: 1) sudo mount /dev/sdaX /mnt Note: sdaX is the root partition 2) sudo mount /dev/sdaW /mnt/boot Note: sdaW is the boot partition The following files are essential for running the essential processes for repairing grub and shall be mounted: 3) sudo mount --bind /dev /mnt/dev 4) sudo mount --bind /proc /mnt/proc 5) sudo mount --bind /sys /mnt/sys 6) sudo mount --bind /var/run /mnt/var/run Now, you are ready to go into the Fedora partitions to repair the grub files. The path should be changed to root user from liveuser> to root>: 7) sudo chroot /mnt If you are running dual boot Windows and Fedora system, the following command will replace the Metro Interface: 8) grub2-install /dev/sda With a dual-boot or multi-boot systems, the follow
Post a Comment
Read more

Installing SUSE Imagewriter on Linux Mint Debian Edition

The original title for this post is "Installing SUSE Imagewriter on Ubuntu LTS". Download Zip, save to preferred directory:~/Downloads However due to data loss of the blog, i decide to rewrite this article using Linux Mint Debian Editi on ( a similar distribution to Ubuntu ). First we have to download the source from Github (https://github.com/openSUSE/imagewriter) Download ZIP, save to preferred directory: ~/Downloads Extract imagewriter-master.zip in /home/username/Downloads and in terminal run the command: cd /home/username/Downloads/imagewriter-master Install the latest version of qt4-qmake and libqt4-dev by running: sudo apt-get update && sudo apt-get install qt4-qmake libqt4-dev Instructions for Linux Installation on github Follow the instructions in README.md by running the command: qmake DEFINES=USEHAL imagewriter.pro  Follow by the command: qmake DEFINES=USEUDISKS imagewriter.pro Next run the command: qmake DEFINE
Post a Comment
Read more

Fixing time on sysvinit and systemd

If you have a system that boot using different GNU/Linux init systems such as sysvinit (aka System 5) and systemd (aka System 500) in addition to proprietary Windows system, you may face incorrect time display on one of the aforementioned system. The difference in time display is dependent on the time difference of your location and the UTC time. Further complication may result from concept like Daylight Saving Time (DST). If the Bios is set to localtime, you may fix it in systemd boot system using 'timedatectl' command like: sudo timedatectl set-local-rtc 1 However, if you are using sysvinit and Bios is using localtime, you can set inform the system that local time is being used using 'hwclock' command like: sudo hwclock --localtime or to synchronize the hardware clock with system time and inform the system using: sudo hwclock --systohc --localtime If Bios is using UTC time, you may revert the change with 'timedatectl' like: sudo timedatectl set-lo
Post a Comment
Read more