Join Log in
Score:-2
Robin avatar Ubuntu

Is this a good firewall to keep brute force atackers out?

se flag
Robin

I am wondering, is the script below a good firewall script to keep brute force attackers out off my desktop?

iptables -F
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -o lo -p all -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

Anyone?

46
1 + 3
user535733 avatar
cn flag
user535733
Why specifically brute force attackers? What vulnerable service are they attempting to bruteforce? This seems like a possible [XY Question](https://en.wikipedia.org/wiki/XY_problem): You might be trying to ask about basic good security habits instead.
0
Reply
pLumo avatar
in flag
pLumo
Against bruteforce, there is `fail2ban`.
0
Reply
Doug Smythies avatar
gn flag
Doug Smythies
With a default OUTPUT policy of ACCEPT, you do not need `iptables -A OUTPUT -o lo -p all -j ACCEPT`. If your ip address is static then okay, but if DHCP then you need to allow it in.
1
Reply
Score:1
24601 avatar Ubuntu
in flag
24601

If you want a "hardened" version of Ubuntu then look at Ubuntu Pro rather than try to do the job yourself.

Ubuntu Pro is a security-hardened version of Ubuntu targeted at enterprise and corporate users who cannot compromise on stability. It is sold as a subscription, but it is free for non-commercial use on up to five computers.

How to Geek Reference

Ubuntu Reference

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.