Posted by The TechMentor in CentOS, Configuration, Linux, Ubuntu
on Dec 2nd, 2012
Sometimes you have servers hanging out in the public internet in ways that you have little control over the network and hardware firewalls. Setting up a hosted server, such as a Virtual Private Server (VPS) or “node” in the cloud can be scary. Fortunately software firewalls, such as iptables, can add a little to piece of mind. But, in these days of automated attacks, it is still not enough. Usually the primary means of access to these servers is SSH. There are a couple really simple things can be done to make SSH more secure. I recently setup a new node on Linode. In the first hour there...
Posted by The TechMentor in CentOS, Configuration, Linux
on Dec 2nd, 2012
I recently setup a CentOS 6.3 server on Linode.com. One of the first things I wanted to do was lock it down with iptables. Unfortunately iptables was not starting cleanly. Specifically, It was failing here: Iptables Error – Setting Chains To Policy ACCEPT: Security Raw Nat Mangle Filter [FAILED] It turns out that was happening due to the paravirt kernel having a “security” chain compiled into it, and the default “iptables” init script included with CentOS does not know how to handle it. After a bit of searching I found a patch for the init script, posted by one of the...