In today’s world, there are high chances that attackers may attack your system because machines may be open to the world in one or another way. To eliminate all vulnerabilities and attacks, you should consider protecting the Ubuntu network and ubuntu firewalls.

In this tutorial, you will learn how to Protect the Ubuntu network and ubuntu firewall with various ways to keep your machine far from attacks and more secure.

Let’s go!

Table of Content

1. Prerequisites
2. Checking ubuntu vulnerabilities
3. How to check the list of running services on ubuntu 21.04 machine
4. How to stop ubuntu service running on ubuntu 21.04 machine
5. Scanning ubuntu 21.04 machine using various tools
6. Scanning ubuntu 21.04 with Rootkit hunter or Rkhunter
7. Protecting ubuntu 21.04 using tcptrace command
8. How To Set Up the UFW Firewall on Linux
9. UFW commands for ubuntu machine ( ufw firewall , ufw allow port , uwf limit etc.)
10. Conclusion

Prerequisites

This post will be a step-by-step tutorial. If you’d like to follow along, be sure you have:

• Ubuntu 21.04 machine or preferably Ubuntu 18.04 version plus , if you don’t have any machine you can create a ec2 instance on AWS account. Recommended to have 4GB RAM and at least 5GB of drive space

Checking ubuntu vulnerabilities

Let’s kick off this tutorial by first checking potential reasons for ubuntu vulnerabilities. There are multiple points that one must consider to get rid of vulnerabilities like:

• Regularly check requirement of the applications such as softwares that are needed or no longer needed and if not needed make sure to purge those softwares or uninstall them.
• Delete the services that no longer need for example to install apache2 web server you only need apache2 service and avoid installing some other extra services that are not required.
• Disable services that are longer required in long run and are open to the world.

How to check the list of running services on ubuntu 21.04 machine

Consider running the below service command to check the list of running services on the ubuntu 21.04 machine.

service --status-all | grep '\[ + \]'

How to stop ubuntu service running on ubuntu 21.04 machine

To stop the ubuntu service no longer required on the ubuntu 21.04 machine, run the following command.

# service <service-name> stopservice
service apport stop 
# To check the status of service use service <service-name> status

Scanning ubuntu 21.04 machine using various tools

There are various tools that one should use and scan the ubuntu machine to look for any connectivity issue or unknown IP attacking your system. Let’s start with the Nmap.

Running nmap commands

Nmap is, also known as network mapper, is most widely used to do an analysis of network, monitor host details, and connections audits, and check all ports and connectivity on your machine or remote machine.

After you run the Nmap command, you will see it displays all the closed ports, DNS records, etc.

nmap ip-address

• You can also run the Nmap command using the hostname instead of Ip address of network component.

nmap Hostname      # nmap ip-10-111-4-53  

Scanning ubuntu 21.04 with Rootkit hunter or Rkhunter

Rootkit hunter or RKhunter tool is used to find the issues in file and directories permission, hash changes and executables with incorrect file permissions, hidden files.

• Run rkhunter command to check the system files and configurations.

rkhunter -c  # To check our own machine's  system check

Protecting ubuntu 21.04 using tcptrace command

Another way to protect the Linux or ubuntu 21.04 machines is by running the tcptrace command. tcptrace is used to trace the TCP Packet information on the receiving and sending end of connections.

• Run tcptrace to check the tcp connections as shown below.

 tcptrace -houtput

How To Set Up the UFW Firewall on Linux

Without a firewall, there are no rules or restrictions on your network traffic, and that leads to several negative consequences. The Linux system comes with a default firewall configuration tool called Uncomplicated Firewall (UFW). But how do you set up a UFW firewall?

UFW service enables you to implement selective or restrictive policies regarding access to your System and interface to iptables. Let’s check ufw commands in detail to understand better.

• To install ufw firewall on ubuntu machine ( Note: Although this is already installed but incase it is not available)

apt install ufw 

• Now, check if ufw is successfully installed on your machine by running service ufw status command.

service ufw status

• To check the UFW status on ubuntu 21.04 machine without running service command run the following command.

ufw status                 # Don't use service command 

• To enable ufw on ubuntu 21.04 run the ufw enable command.

ufw enable  # select yes to proceed 

• To allow port 80 and port 22 using ufw allow command.

ufw allow ssh   ufw allow 80

• To enable logging for ufw commands run the ufw loggin on commad else ufw logging off.

ufw logging on 

UFW commands for ubuntu machine ( ufw firewall , ufw allow port , uwf limit etc.)

Let’s quickly check the list of all UFW commands useful for network connectivity on ubuntu 21.04 machines. Let’s do a quick summary of ufw commands.

ufw enable ✏ ufw enable command enables the firewall on the machine.
ufw disable ✏ ufw disable command disables the firewall on the machine.
ufw reload ✏ufw reload command reloads the firewall to ensure changes are applied
ufw logging on|off ✏ ufw logging on|off command enables or disables logging ufw on the machine
ufw allow ✏ ufw allow command adds an allow rule on the machine.
ufw deny ✏ ufw deny command adds a deny rule on the machine.
ufw reject ✏ ufw reject command adds a reject rule on the machine.
ufw limit ✏ ufw limit command adds a limit rule on the machine.
ufw delete ✏ ufw delete command deletes the rule on the machine.
ufw status ✏ ufw status command shows the firewall status on the machine.
ufw-version ✏ufw-version command displays version information on the machine.

The Uncomplicated Firewall (ufw) is a front-end for iptables and is particularly well-suited for host-based firewalls, so you can block or allow traffic based on IP address, NIC, port, network, and more. You can set iptables to log all actions or just specific actions.

sudo iptables -L     #  Lists the currently set firewall rules

sudo iptables -L -vn   #  Lists the currently set firewall rules with more details

sudo iptables -F    #  Deletes the currently set firewall rules 

Conclusion

Throughout this tutorial, you’ve realized that setting up a firewall and protecting the ubuntu machine is important. There are multiple ways to protect, such as using UFW, NMap commands, tcptrace.

You should now have a good understanding of how to protect the Ubuntu network and ubuntu firewall; why not build on this newfound knowledge.