Using iptables to secure your cloud server - CentOS

Expertise level: Medium

Here are some useful commands to secure your Cloud server if you are using CentOS:

Blocking an IP 

iptables -A INPUT -s xx.xx.xx.xx -j DROP

Blocking an IP for a specific port

iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j DROP

Allowing access to an IP

iptables -A INPUT -s xx.xx.xx.xx -j ACCEPT

 Allowing access to an IP to a specific port

iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j ACCEPT

where, xx.xx.xx.xx is the remote IP address and PORT is the port number you wish to allow/deny access to.

Blocking a scanner on your server  (example “w00tw00t.at.ISC.SANS”) 

iptables -I INPUT -p tcp --dport 80 -m string --algo bm --string 'GET /w00tw00t.at.ISC.SANS.' -j DROP

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk