How to Set Up a Firewall Using Iptables | SSH Tarpit

In this video, I go over how to set up a firewall on Linux using the built-in iptables that is in every Linux distribution. SSH Tarpit is something many people miss.

Comments

Stopping by just to say thank you for this fantastic script. I just used it on a web server with a couple of modifications. Saved me a ton of work and time.

jlcgz

To keep reaction times of the netfilter short, I usually put rules for reply packets as well as established or related connections quite early into the chains and only later on add rules to accept new incoming connections.
While it usually doesn't cause much pain if a client has to wait a bit for netfilter to process the initial SYN packet, once the connection has been established, processing runs significantly quicker. Plus you'd also want to add rules to both the PREROUTING and the OUTPUT chains of the raw table that exempt traffic to the loopback device from being conntracked, thereby reducing the overhead. Since localhost traffic (127.0.0.1 or ::1 depending on which variant of IP you are using) isn't routed, there's no need to keep track of the packets.

Robidu
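The ordering Robidu describes, as an added example (not the video's script and not the commenter's own rules): a POSIX sh function renders an IPv4 ruleset in iptables-restore format with the raw-table NOTRACK exemptions for loopback, the ESTABLISHED,RELATED fast path ahead of every NEW-connection rule, and the first NEW rule only afterwards. The SSH port and the single accepted service are assumptions; it prints the ruleset rather than applying it, so it runs without root.

```shell
#!/bin/sh
# Added example: render an iptables-restore ruleset ordered for a short fast path.
# Assumed values: SSH on 22/tcp; everything else inbound is dropped by policy.

SSH_PORT="${SSH_PORT:-22}"

# render_ruleset: print the complete ruleset (raw + filter tables) to stdout.
render_ruleset() {
    cat <<EOF
# raw table: loopback traffic is never routed, so do not conntrack it at all
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i lo -j NOTRACK
-A OUTPUT -o lo -j NOTRACK
COMMIT

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# untracked loopback packets have ctstate UNTRACKED, not ESTABLISHED,
# so they need an explicit accept and it must come first
-A INPUT -i lo -j ACCEPT
# replies and established/related flows: the rule almost every packet hits
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# only now the (rare) new connections
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp --dport ${SSH_PORT} -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# rule_position PATTERN: line number of the first rendered line matching PATTERN
rule_position() {
    render_ruleset | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

# check_order: succeeds when the ESTABLISHED,RELATED accept precedes the first NEW rule
check_order() {
    est=$(rule_position 'ESTABLISHED,RELATED')
    new=$(rule_position 'ctstate NEW')
    [ -n "$est" ] && [ -n "$new" ] && [ "$est" -lt "$new" ]
}

# Set FW_PRINT=1 to dump the ruleset; apply with: FW_PRINT=1 sh fw.sh | sudo iptables-restore
if [ -n "${FW_PRINT:-}" ]; then render_ruleset; fi
```

iptables-restore replaces the listed tables atomically, which is why the example emits a file instead of a sequence of `iptables -A` calls; the `-i lo -j ACCEPT` line is the part people drop when they add the NOTRACK rules, and without it the conntrack fast path silently stops matching loopback traffic.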

Thanks for the tutorial Chris. I was never clear on iptables. For me, ufw, and gufw for a GUI, are really simple to use.

risat

Thank you, Chris. I've saved this one.

AnzanHoshinRoshi

Good video! I use UFW on my systems as I believe it uses iptables behind the scenes. After watching your video, I went to my Linux Mint system and ran the "iptables -nL" command and saw the rules set up by UFW. If UFW, at least, uses iptables, why advocate for manually writing your own firewall rules? Isn't using your script(s) akin to using a GUI firewall tool? I can certainly see writing firewall rules by hand to learn how iptables works and discovering the power of netfilter. I've done this before and while the learning experience can be painful, it's definitely useful.


Still, good video. I think it would be great to develop a tutorial on configuring an IPv6 firewall. While writing this post, I ran the "man iptables" command on my Mint system and discovered the "ip6tables" command. So, I think a tutorial discussing an IPv6 firewall would be of use. :) Thanks for posting!

TheCocoaDaddy

Oh nice to see. I did the final setup of my own VPN which spans across all my devices, home network and the endpoint is in a datacenter. All done with WireGuard and iptables. Finally my devices have IPv6 addresses.

MaidLucy

Great video Chris, I personally use netfilter for my home routing. Love iptables.

mzah

It's been 10 years now that I've worked with Linux servers, but I never loved working with iptables.
Shorewall is so much easier for me... And intuitive, that's the most important part...

LtSich

What about ufw (uncomplicated firewall)? A tutorial for beginners to understand even further. Also great tutorial! This also helps for beginners to start doing something advanced.

hewfrebie

Is this only for people running servers? Like, even running a mild game server with you as host, would this apply/be necessary? Is there any drawback/why isn't this enabled by default?

firstlast-cseg

Going to add this to my LM 19.2 box, as well as the hosts file entries I have and the pfSense FW it all sits behind...

davemckewan

Hello!!! Super good video, thank you. I activated the script on Debian/Xfce, but by default it should block traffic from port 80, right? It shouldn't allow me to download files on the Internet, but it does. Or am I wrong?

Israel

This is much better than UFW because you can customize by building small programs and then add a crontab to it just for fun (you don't really need to do that). I remember a few years ago I got so obsessed with iptables that my Apache server was overwhelmed by all the scripts I created for it. It was a fun sandbox experience though.

mybean

Thank you for sharing. Security is so important but, unfortunately, it's often overlooked.

tyrellmccurbin

I am Titu, nice to meet u. Titus for Titu & vice versa.

NeelNarayan

How can I disable libvirt's firewall rules that are set up on boot?

CarlosSanchez-vwqo

Can this be used for ip6tables also?

tedsarasin

Thanks a lot, you provide such fantastic content!
Very useful, I learned a lot.
And by the way, may I ask a question? What are the rules we have to make in iptables so we can download using a torrent client???

fqgonvl

I went a bit further with SSH services and other services such as VPN, CLOUD.
I restricted the access of these services to only a few source IP addresses to narrow down the attack vector even more.
All other packets are just dropped.
But I'm wondering if those rules are optimal 🤔

RoyHess
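The source-restriction RoyHess describes, as an added example (not the video's script and not the commenter's rules): a POSIX sh function emits one ACCEPT rule per allowed source and administrative service, then a rate-limited LOG and a DROP for every other attempt on those ports, so denied connection attempts show up in the kernel log instead of vanishing. The allowlist addresses (RFC 5737 documentation ranges), the service ports and the log prefix are constructed assumptions; the function only prints rules, so it runs without root.

```shell
#!/bin/sh
# Added example: admin services reachable only from an allowlist, with logged drops.
# Constructed values below; replace with your own sources and services.

ALLOWED_SRC="${ALLOWED_SRC:-203.0.113.10 198.51.100.0/24}"   # documentation ranges, assumed
ADMIN_PORTS="${ADMIN_PORTS:-22/tcp 51820/udp}"                # ssh and a WireGuard port, assumed

# admin_rules: print INPUT rules (iptables-restore line format) for every service:
#   one NEW-connection ACCEPT per allowed source, then a rate-limited LOG, then DROP.
admin_rules() {
    for spec in $ADMIN_PORTS; do
        port=${spec%/*}
        proto=${spec#*/}
        for src in $ALLOWED_SRC; do
            printf '%s\n' "-A INPUT -p $proto --dport $port -s $src -m conntrack --ctstate NEW -j ACCEPT"
        done
        # limit keeps a scan from flooding the log; the prefix makes the lines easy to grep
        printf '%s\n' "-A INPUT -p $proto --dport $port -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix \"ADMIN-DENY: \""
        printf '%s\n' "-A INPUT -p $proto --dport $port -j DROP"
    done
}

# accept_rule_count: number of ACCEPT rules emitted (sources x services)
accept_rule_count() {
    admin_rules | grep -c -- '-j ACCEPT'
}

# allows SRC PORT: succeeds when an ACCEPT rule exists for exactly that source and port
allows() {
    admin_rules | grep -q -- "--dport $2 -s $1 "
}

# Set FW_PRINT=1 to dump the rules; splice them into a *filter section for iptables-restore
if [ -n "${FW_PRINT:-}" ]; then admin_rules; fi
```

These rules belong after the ESTABLISHED,RELATED accept in the INPUT chain, so only the first packet of each connection walks the per-source list; with more than a handful of sources an ipset match is the usual replacement for the per-address rules, but the accept/log/drop shape stays the same.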

Why not nftables? Better performance, syntax, combined rules and protocols, etc.

zyan