0x13. Firewall #16

Merged
merged 1 commit into from
Dec 18, 2023
7 changes: 7 additions & 0 deletions 0x13-firewall/0-block_all_incoming_traffic_but
@@ -0,0 +1,7 @@
sudo apt-get -y install ufw
sudo ufw enable
sudo ufw default deny incoming
sudo ufw allow 22
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw reload
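Review bot: `sudo ufw enable` on the second line runs before `sudo ufw allow 22`, so the firewall becomes active while no SSH rule exists yet, which is the lockout the README in this same change warns about. Move `sudo ufw enable` below the three allow lines so the rules are in place before the firewall is turned on. The SSH rule should also be written as `sudo ufw allow 22/tcp` to match the `80/tcp` and `443/tcp` rules, since a bare `22` opens UDP as well. The file starts directly with the `apt-get` line, so add a shebang if it is meant to be executed as a script.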
Empty file.
40 changes: 40 additions & 0 deletions 0x13-firewall/README.md
@@ -0,0 +1,40 @@
# Firewall

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

More Info
---------------

As explained in the [web stack debugging](https://github.com/the1Riddle/alx-system_engineering-devops/tree/master/0x0E-web_stack_debugging_1#web-stack-debugging-1)telnet is a very good tool to check if sockets are open with telnet IP PORT. For example, if you want to check if port 22 is open on web-02 or on your web server:

user@ubuntu$ telnet web-02.holberton.online 22
Trying 54.89.38.100...
Connected to web-02.holberton.online.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

Protocol mismatch.
Connection closed by foreign host.
user@ubuntu$

We can see for this example that the connection is successful: Connected to web-02.holberton.online.
<br>
Now let’s try connecting to port 2222:

user@ubuntu$ telnet web-02.holberton.online 2222
Trying 54.89.38.100...
^C
user@ubuntu$

We can see that the connection never succeeds, so after some time I just use ctrl+c to kill the process.
<br>
This can be used for any debugging situation where two pieces of software need to communicate over sockets.

Warning!
---------------

> [!WARNING]<br>
> **Containers on demand cannot be used for this project (Docker container limitation)**
<br>
> **Be very careful with firewall rules! For instance, if you ever deny port 22/TCP and log out of your server, you will not be able to reconnect to your server via SSH, and we will not be able to recover it. When you install UFW, port 22 is blocked by default, so you should unblock it immediately before logging out of your server.**
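Review bot: In the Warning section, the bare `<br>` line between the two `>` lines sits outside the blockquote, so it splits the `[!WARNING]` alert in two and the port 22 lockout paragraph renders as a separate plain quote. Prefix that line with `>` (or use an empty `>` line) so both paragraphs stay inside the alert. In More Info, add a space between the closing `)` of the web stack debugging link and `telnet`, and put `telnet IP PORT` in backticks. The sentence "port 22 is blocked by default, so you should unblock it immediately" should also point at the order of commands in `0-block_all_incoming_traffic_but`, where the allow rule currently comes after `ufw enable`.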