Using blocklist with iptables and firewalld

If you have any kind of server connected to the Internet, you are no doubt aware that no matter how small or unimportant it might seem, it is frequently probed, tested or subject to various attempts at abuse. These attacks come from so many malicious hosts that it is impossible to keep track by hand. So I started looking for a way to implement an automated blocklist to use with iptables and firewalld which I use on my servers.

Continue reading “Using blocklist with iptables and firewalld”

fail2ban – installation and configuration

Note, the following tutorial is a part of my engineering work entitled “Hardening of a Linux-based network server” under the direction of Ph. D. Kordian Smolinski in the Department of Theoretical Physics WFiIS UŁ defended in June 2019.

To install Fail2Ban on CentOS 7.6, you will first need to install the EPEL (Extra Packages for Enterprise Linux) repository. EPEL contains additional packages for all versions of CentOS, one of these additional packages is Fail2Ban.

Continue reading “fail2ban – installation and configuration”

SELinux security policy

I’m not an SELinux expert, but when I read many tutorials on the subject and saw dozens of tips that all said in one voice: turn off SELinux, because it causes problems, I thought it was time to challenge this thesis and prove that SELinux could be easy to use.

In a situation where a service does not run because of problems with permissions, creating a process ID (PID) file, you should update SELinux’s policy on enforcing the rules against the application, which by default is not included in SELinux’s Type Enforcement (TE) policies.

Continue reading “SELinux security policy”