Difference between revisions of "Template:Menu content security"

(Firewall)
(Firewall)
Line 71: Line 71:
  
  
SSH can also be used to create a '''[VPN tunnel over SSH]'''
+
SSH can also be used to create a '''[[VPN tunnel over SSH]]'''
  
  

Revision as of 13:39, 9 April 2017


Security

How to secure your server / workstation ?


Global security

Internet security Internet security



SSH

SSH SSH




Firewall

FW principle This section explains HOW to create, maintain and use a firewall with IpTables.


Firewall
Basics Firewall principle
Firewall basics
Firewall core (main) protocols
Firewall VPN
Firewall OUTPUT filters
Firewall INPUT filters
Firewall log dropped
Advanced Firewall port forwarding
Firewall source address filtering
Installation and scripts Firewall installation scripts


SSH can also be used to create a VPN tunnel over SSH


You can also try to setup the interactive firewall: DouaneAPP (http://douaneapp.com/)

  1. Install Douane dependencies and requirements
apt-get install build-essential
apt-get install dkms
apt-get install libboost-filesystem-dev libboost-regex-dev libboost-signals-dev policykit-1 libdbus-c++-dev libdbus-1-dev liblog4cxx10-dev libssl-dev
apt-get install libboost-signals-dev libdbus-c++-dev libdbus-1-dev liblog4cxx10-dev libgtkmm-3.0-dev
apt-get install gtk+3.0 python3 python3-gi policykit-1 python3-dbus
  1. Douane compilation and setup

>> Official Douane website: https://github.com/Douane/Douane

SSL

SSL SSL certificates and chain of trust


SSL server


VPN

VPN Virtual Private Network (VPN)



Remote desktop

Remote desktop Remote desktop



Intrusion Detection / Protection

Radar Protection is good, but that's not enough! We need to detect attacks.


  • IDS = Intrusion Detection System : tool that detect attacks.
  • IPS = Intrusion Protection System : detect an intrusion attempt and react upon it.


I'm using one of the most famous IDS: "Snort" (https://www.snort.org/).


Crontab

Alarm clock To run some task / scripts periodically


crontab