Questions tagged [firewall]

A firewall is an application or hardware device used to inspect and filter network traffic.

4221 questions
14
votes
3 answers

What are the named ports for iptables?

When setting up iptables you can name the port ssh which will use port 22. Is there a list of all the named ports? Specifically I need ssh, http, https and mysql.
Jason Christa
14
votes
7 answers

Good low power server/pc for firewall?

Does anyone know of a low power server/pc that has 2 NICs, so it can be used for an (OpenBSD) firewall? Sandra
Sandra
14
votes
1 answer

Ufw and Iptables. Which is better and why?

I am a newbie to this domain, so I kept researching on ufw and iptables. But I can't distinguish them clearly because in every article/blog both of these names are present and I am really confused whether these are similar or not. I know ufw is a…
HelloWorld
13
votes
1 answer

AWS EC2 deny single ip address and allow all

I have an AWS EC2 instance and want to deny access on port 80 for a single IP address (a bad bot). The AWS console seems to support only "allow" rules. How do I deny a single IP address?
13
votes
2 answers

tcp flags in iptables: What's the difference between RST SYN and RST and SYN RST ? When to use ALL?

I'm working on a firewall for a virtual dedicated server and one of the things I'm looking into is port scanners. TCP flags are used for protection. I have 2 questions. The rule: -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP First argument…
Kris
13
votes
4 answers

How to create a Windows 2008 Advanced Firewall rules group definition through the command prompt

Is there a way to create a group, or add to an existing group, to a rule in Windows Advanced Firewall (preferably through a command prompt or WSH script). Edit:
frogstarr78
13
votes
10 answers

Why buy high end hardware firewalls?

There exist firewalls from Juniper and Cisco that cost more than a house. So I wonder: what does one get from a $10.000+ firewall compared to a 2U server with 4x 10Gbit network cards running e.g. OpenBSD/FreeBSD/Linux? The hardware firewalls…
Sandra
12
votes
2 answers

Do I need separate iptables rule for ipv6 address?

On my debian 5.0 server, I setup some iptables rules like below: ACCEPT tcp -- eee.fff.ggg.hhh aaa.bbb.ccc.ddd tcp dpt:80 DROP tcp -- 0.0.0.0/0 aaa.bbb.ccc.ddd tcp dpt:80 aaa.bbb.ccc.ddd is my server's ip…
Long Cheng
12
votes
1 answer

How to block mysterious remote requests?

My CentOS server is experiencing huge (millions a day) requests looking like this: Srv PID Acc M CPU SS Req Conn Child Slot Client Protocol VHost Request 62-1 - 0/0/335 . 0.00 1947 204049 0.0 0.00 0.85 …
Nils Munch
12
votes
4 answers

Is there a way to see what is actually filtering TCP port communication?

nmap -p 7000-7020 10.1.1.1 Will output all the filtered ports Starting Nmap 6.40 ( http://nmap.org ) at 2015-03-04 12:18 EET Nmap scan report for 10.1.1.1 Host is up (0.00091s latency). PORT STATE SERVICE 7000/tcp filtered…
Eduard Florinescu
12
votes
3 answers

automatically block IP address after many failed login attempts

I am receiving a lot of failed login attempts (1 per sec) on a Windows 2008 server, I have already set local security policy to automatically lock an account after too many login attempts, but is there a way to automatically include an IP address in…
Allie
12
votes
5 answers

Managing parallel rules for ipv4 and ipv6 iptables?

We've recently started experimenting with IPv6, and one of the first issues we're having to contend with is dealing with a completely separate set of firewall (Linux iptables/ip6tables) rules for the two protocol stacks. Our firewall logic is based…
larsks
12
votes
5 answers

Reviewing firewall rules

I need to review firewall rules of a CheckPoint firewall for a customer (with 200+ rules). I have used FWDoc in the past to extract the rules and convert them to other formats but there were some errors with exclusions. I then analyze them manually…
chmeee
12
votes
6 answers

Windows Firewall has port 80 open but prevents Apache from making connections

I have a Windows 7 machine serving a very few (but important!) pages. I have an exception that allows any traffic to port 80*, but Apache 2.2 still can't serve pages (though I can see them from the machine itself). If I disable the Windows…
Charles
12
votes
2 answers

Is there a secure way to allow IIS 7 in a DMZ to access a DB server behind the firewall?

Our network admins are adamant that it is insecure for our web servers, which are hosted in the DMZ, to access the DB server behind our firewall. To get round the problem, we access the data via web services or WCF. I feel that this is an…
Al Polden