In today’s world, there are high chances that attackers may attack your system because machines may be open to the world in one or another way. In order to get rid of all vulnerabilities and attacked you should consider protecting the Ubuntu network and ubuntu firewalls.
In this tutorial, you will learn how to Protect the Ubuntu network and ubuntu firewall with various ways to keep your machine far away from attacks and more secure.
This post will be a step-by-step tutorial. If you’d like to follow along, be sure you have:
- Ubuntu 21.04 machine or preferably Ubuntu 18.04 version plus , if you don’t have any machine you can create a ec2 instance on AWS account. Recommended to have 4GB RAM and at least 5GB of drive space
Checking ubuntu vulnerabilities
Let’s kick off this tutorial by first checking what could be potential reasons for ubuntu vulnerabilities. There are multiple points that one must consider to get rid of vulnerabilities like:
- Regularly check requirement of the applications such as softwares that are needed or no longer needed and if not needed make sure to purge those softwares or uninstall them.
- Delete the services that no longer need for example to install apache2 web server you only need apache2 service and avoid installing some other extra services that are not required.
- Disable services that are longer required in long run and are open to the world.
How to check the list of running services on ubuntu 21.04 machine
To check the list of running services on the ubuntu 21.04 machine consider running the below service command.
service --status-all | grep '\[ + \]'
How to stop ubuntu service running on ubuntu 21.04 machine
To stop the ubuntu service that is no longer required on the ubuntu 21.04 machine run the following command.
# service <service-name> stopservice service apport stop # To check the status of service use service <service-name> status
Scanning ubuntu 21.04 machine using various tools
There is various tool that one should use and scan the ubuntu machine to look for any connectivity issue or unknown IP attacking your system. Let’s start with the Nmap.
Running nmap commands
Nmap is also known as network mapper is most widely used to do an analysis of network, monitor host details and connections audits, and check all ports and connectivity on your machine or remote machine.
After you run the Nmap command you will see it displays all the closed ports, DNS records, etc.
- You can also run the Nmap command using the hostname instead of Ip address of network component.
nmap Hostname # nmap ip-10-111-4-53
Scanning ubuntu 21.04 with Rootkit hunter or Rkhunter
- Run rkhunter command to check the system files and configurations.
rkhunter -c # To check our own machine's system check
Protecting ubuntu 21.04 using
Another way to protect the linux or ubuntu 21.04 machines is by runnig tcptrace command. tcptrace is used to trace the TCP Packet information both on the receiving and sending end of connections.
- Run tcptrace to check the tcp connections as shown below.
How To Set Up the UFW Firewall on Linux
Without a firewall, there are no rules or restrictions on your network traffic and that leads to a number of negative consequences. Linux system comes with a default firewall configuration tool, which is Uncomplicated Firewall (UFW). But how do you set up a UFW firewall?
UFW service enables you to implement selective or restrictive policies regarding access to your System and is a interface to iptables. Lets check ufw commands in details to understand better.
- To install ufw firewall on ubuntu machine ( Note: Although this is already installed but incase it is not available)
apt install ufw
- Now, check if ufw is successfully installed on your machine by running service ufw status command.
service ufw status
- To check the UFW status on ubuntu 21.04 machine without running service command run the following command.
ufw status # Don't use service command
- To enable ufw on ubuntu 21.04 run the ufw enable command.
ufw enable # select yes to proceed
- To allow port 80 and port 22 using ufw allow command.
ufw allow ssh ufw allow 80
- To enable logging for ufw commands run the ufw loggin on commad else ufw logging off.
ufw logging on
UFW commands for ubuntu machine ( ufw firewall , ufw allow port , uwf limit etc.)
Lets quickly check the list of all UFW commands that are useful for network connectivity on ubuntu 21.04 machine. Let do a quick summary of ufw commands.
ufw enable ✏ ufw enable command enables the firewall on the machine.
ufw disable ✏ ufw disable command disables the firewall on the machine.
ufw reload ✏ufw reload command reloads the firewall to ensure changes are applied
ufw logging on|off ✏ ufw logging on|off command enables or disables logging ufw on the mahcine
ufw allow ✏ ufw allow command adds an allow rule on the machine.
ufw deny ✏ ufw deny command adds a deny rule on the machine.
ufw reject ✏ ufw reject command adds a reject rule on the machine.
ufw limit ✏ ufw limit command adds a limit rule on the machine.
ufw delete ✏ ufw delete command deletes the rule on the machine.
ufw status ✏ ufw status command shows the firewall status on the machine.
ufw-version ✏ufw-version command displays version information on the machine.
The Uncomplicated Firewall (ufw) is a front-end for iptables and is particularly well-suited for host-based firewalls, so you can block or allow traffic based on IP address, NIC, port, network, and more. You can set iptables to log all actions or just specific actions.
sudo iptables -L # Lists the currently set firewall rules
sudo iptables -L -vn # Lists the currently set firewall rules with more details
sudo iptables -F # Deletes the currently set firewall rules
Throughout this tutorial, you’ve realized that setting up a firewall and protecting the ubuntu machine is important and there are multiple ways to protect such as by using UFW, NMap commands, tcptrace.
You should now have a good understanding of how to protect Ubuntu network and ubuntu firewall, why not build on this newfound knowledge.