Every open port on a server is a potential attack surface, so operations engineers should run a thorough nmap‑based port security audit after provisioning, firewall changes, or new service deployments to ensure only required ports are listening.
A detailed analysis of CVE‑2026‑0300 reveals how a nation‑backed group exploited a buffer‑overflow in PAN‑OS's Captive Portal to obtain root on Palo Alto firewalls, outlining the attack chain, affected versions, immediate mitigations, long‑term remediation, compliance impacts, and lessons learned.
This article walks operations engineers through the most frequent security‑configuration problems encountered during Grade‑Protection (等保) remediation, detailing the regulatory background, specific compliance gaps, step‑by‑step remediation commands for Linux systems, verification methods, FAQs, and a practical implementation workflow.
This guide provides a detailed 20‑item checklist for Linux server hardening—covering snapshots, account management, SSH key authentication, password policies, firewall rules, service reduction, kernel tweaks, logging, and verification scripts—to ensure a new production server is secure before it goes live.
The article recounts a real‑world iptables misconfiguration that cut off SSH access and caused a 47‑minute outage, then walks through the root‑cause analysis, step‑by‑step remediation, common pitfalls, rule‑ordering nuances, monitoring, automation, and migration to nftables, offering a comprehensive firewall best‑practice handbook.
This guide walks you through the root causes of "port unreachable" problems, explains TCP and UDP handshakes, and provides a seven‑layer troubleshooting framework with concrete commands, scripts, case studies, best‑practice recommendations, and monitoring setups for Linux environments.
This comprehensive guide walks you through Linux host hardening by explaining the security baseline, detailing default configurations, highlighting common pitfalls, and providing concrete, verifiable adjustments for account policies, SSH, firewalls, kernel parameters, file permissions, and audit logging, complete with scripts, examples, and real‑world case studies.
This guide walks you through the fundamentals of Linux Netfilter, compares iptables and nftables architectures, shows how to build, migrate, and optimize enterprise‑grade firewall rule sets, and provides best‑practice tips, automation scripts, monitoring metrics, and troubleshooting procedures for secure, high‑performance network protection.
A non‑professional using Claude Code exploited a cloud‑permission flaw in DJI Romo robots to control 6,700 devices across 24 countries, while a separate AI‑driven campaign compromised over 600 Fortinet firewalls in 55 nations, illustrating how generative AI is dramatically lowering the barrier to large‑scale cyber attacks.
This article outlines the four primary API security risks—malicious calls, data tampering, sensitive data leakage, and XSS propagation—and presents a comprehensive, multi‑layered protection framework spanning frontend safeguards, firewalls, gateways, and fine‑grained API design guidelines within APICloud.
This comprehensive guide walks you through real‑world intrusion analysis and a multi‑layered hardening strategy for Linux servers, covering SSH security, Fail2Ban, firewalls, iptables, IDS, file integrity monitoring, automated alerts, emergency response, and advanced techniques to create a robust defense.
This comprehensive guide walks operations engineers through the fundamentals, configuration, monitoring, troubleshooting, and automation of switches, routers, and firewalls, providing practical commands, best‑practice scripts, and security hardening steps for reliable network infrastructure.
This guide walks you through why Firewalld is the preferred firewall on CentOS 7+, explains its core concepts, shows step‑by‑step installation, zone management, service and port configuration, and demonstrates how to integrate ipset for efficient bulk IP handling, including pitfalls and best practices.
This guide shows how to automatically download the latest APNIC IP allocation list, generate Nginx allow rules for Chinese IP ranges, configure the server to permit only those addresses, and set up daily updates, providing a free, low‑overhead way to block foreign traffic.
Netfilter, created by Rusty Russell in 1998 and merged into the Linux kernel in 2000, offers a modular packet‑filtering framework with hooks for filtering, NAT, dropping and logging, and is managed through utilities such as ebtables, arptables, iptables/ip6tables, nftables, conntrack, ulogd, nf_log and nf_queue.
This comprehensive guide walks you through iptables fundamentals, four‑table architecture, common use cases, environment setup, step‑by‑step rule creation, NAT configuration, advanced attack mitigation, rule management, best practices, troubleshooting, performance monitoring, and backup strategies for building a robust Linux firewall.
This beginner-friendly guide explains Linux firewalld fundamentals, compares it with iptables, details zone concepts, and walks through practical examples for blocking ping, restricting SSH access, and enabling Apache, providing clear commands and configuration files to help system administrators secure their servers.
This tutorial walks through configuring a Linux firewall and web server, setting up network interfaces across four virtual machines, enabling NAT, defining DMZ zones, securing SSH on a non‑standard port, and verifying connectivity, providing a comprehensive hands‑on guide for robust network security.
The article traces the evolution of network hardware—from early PCs without networking, through cables, NICs, repeaters, hubs, bridges, and switches, to routers, wireless APs, firewalls and traffic‑control devices—explaining each device's role, limitations, and how they solve specific networking problems.
This guide walks through practical Linux security hardening on RHEL 7, covering account locking, password policies, SELinux activation, SSH port changes, firewall minimization, immutable system files, and other measures to elevate the system to a higher security level.
As network security threats rise, unpatchable MySQL vulnerabilities can be mitigated by configuring iptables rules that whitelist trusted IPs for port 3306 and drop all other traffic, with clear guidance on rule ordering and the differences between DROP and REJECT actions.
This guide walks you through the most critical Linux security flaws—from privilege‑escalation and misconfigured sudo to SSH, web server, kernel, and container risks—offering concrete hardening steps, logging practices, firewall rules, incident‑response procedures, and compliance tips to build a resilient production environment.
This comprehensive guide walks you through Linux security threats, three-layer defense strategies, user account hardening, SSH and firewall configuration, file system protection, service hardening, kernel tuning, automated monitoring, incident response, and a step‑by‑step implementation roadmap to build a resilient, multi‑layered defense system.
This tutorial walks you through installing ocserv, creating a CA and server certificates, configuring ocserv settings, adjusting kernel parameters, setting up iptables firewall rules, managing VPN users, and controlling the ocserv service on a CentOS server.
An in‑depth guide for operations engineers covering TCP/IP stack fundamentals, practical routing and firewall configurations, kernel and NIC tuning, automation scripts, and emerging technologies such as eBPF, providing real‑world case studies and step‑by‑step commands to master network reliability and performance.
This article provides a comprehensive overview of Linux's software firewall, explaining how iptables works with the netfilter framework, detailing tables, chains, hook functions, packet flow, common commands, rule‑management techniques, best‑practice optimizations, and methods for persisting firewall configurations.
This comprehensive guide walks you through real‑world intrusion analysis, multi‑layer SSH hardening, Fail2Ban, firewall and iptables rules, intrusion detection with OSSEC, automated monitoring scripts, advanced techniques like port knocking and honeypots, and a complete incident‑response playbook to secure any Linux server.
This comprehensive guide walks you through a real intrusion case, then presents a multi‑layer defense strategy—including SSH hardening, Fail2Ban, firewall rules, IDS, file integrity monitoring, advanced techniques like port knocking and honeypots, plus monitoring, alerting, and emergency response—to dramatically improve Linux server security.
This guide explains why modern enterprises need unified log collection for diverse security devices, introduces LoongCollector's flexible configuration for parsing and standardizing firewall logs from WAF, FortiGate, and Palo Alto, and provides step‑by‑step examples, code snippets, and visual results to enable efficient threat analysis and compliance.
This guide explains how to unify and parse heterogeneous firewall logs from vendors such as Longteng WAF, FortiGate, and Palo Alto by configuring LoongCollector, creating Alibaba Cloud Log Service resources, and applying JSON, key‑value, and CEF parsing rules to enable structured security analytics.
This comprehensive guide walks you through essential Linux security hardening steps—including system updates, service disabling, password policies, SSH configuration, firewall rules, intrusion detection, file integrity monitoring, log auditing, automation scripts, and emergency response—to help enterprises build a resilient and continuously protected infrastructure.
This tutorial walks through setting up a Linux firewall with multiple network interfaces, configuring a DMZ web server, enabling HTTP/HTTPS services, blocking ICMP ping, and securely exposing SSH on a custom port for both internal and external access, complete with command examples and verification steps.
This article introduces Ubuntu’s Uncomplicated Firewall (UFW), explaining how to enable, disable, reset, set default policies, and create, modify, or delete specific IP, port, and protocol rules using concise command-line examples, helping users quickly secure client machines with practical firewall configurations.
This guide explains how to mitigate several MySQL-related security flaws—such as CVE-2022-32221, CVE-2023-21912, and CVE-2022-37434—by configuring iptables rules to restrict traffic, illustrating command usage, rule ordering, and the differences between DROP and REJECT actions.
This step‑by‑step tutorial shows how to set up a Linux firewall, configure network interfaces, deploy an Apache web server, and secure remote SSH access—including custom port mapping and ICMP blocking—using firewalld commands and configuration files across a multi‑machine test environment.
This article provides a comprehensive comparison of free PC firewall solutions, detailing each software's core functions, suitable scenarios, drawbacks, and source references, followed by key recommendations, compatibility notes, performance assessments, and user feedback to help readers choose the most suitable firewall.
This guide walks through practical Linux security hardening on RHEL 7, covering account lockdown, password policies, SELinux activation, SSH port changes, login restrictions, file immutability, compiler and log protection, and minimal firewall rules to elevate the system to a higher security level.
This guide explains how iptables works, covering common scenarios such as blocking IPs, port forwarding, NAT configurations, the structure of tables and chains, and how to persist rules across reboots, with concrete command examples and practical tips.
With rising network security threats and unpatchable MySQL vulnerabilities in production, this guide shows how to configure Linux iptables rules to restrict traffic, allow specific IPs to access port 3306, and choose between DROP and REJECT actions to effectively protect your database.
This guide lists 30 commonly exposed high‑risk ports such as LDAP, MySQL, and Docker, explains the security threats they pose, and provides practical firewall, service‑management, and port‑closing steps—including command‑line examples—to help you harden your systems against attacks.
This comprehensive guide explains Linux's software firewall architecture, the relationship between iptables and netfilter, common use cases, hook functions, packet flow, rule composition, command syntax, matching options, extensions, best‑practice optimizations, and how to persist rules across reboots.
This guide walks you through using firewalld on CentOS 7, covering status checks, starting and restarting the service, configuring zones, managing ports and sources, applying rich rules, and persisting changes, while providing clear command examples for each step.
This guide explains the differences between firewalld and iptables on CentOS 7, introduces zone management, details iptables packet flow, tables, chains, and provides practical commands for installing, configuring, and managing firewall rules, including examples for SSH and ping traffic.
This article provides a comprehensive overview of Linux's Netfilter framework and its iptables user‑space tool, explaining their hook‑based architecture, core data structures, rule tables and chains, common configuration commands, practical use cases, and both strengths and limitations for network security.
This guide lists the most dangerous Linux ports, explains their typical uses, the security risks they pose, and provides concrete recommendations—such as changing default ports, disabling services, and applying firewall rules—to harden your system against attacks.
This guide explains the concept of reverse SSH, why it is needed to access servers behind restrictive firewalls, and provides step‑by‑step commands and configuration tips—including port forwarding with the -R option and recommended sshd settings—to establish a reliable reverse tunnel.
This guide walks through a comprehensive Linux hardening process on RHEL7, covering account lockdown, password policies, SSH port changes, SELinux activation, firewall minimization, file attribute protection, and compiler restrictions, all illustrated with concrete commands and configuration examples.
TCP RST packets, used to abruptly terminate or reject connections, appear at various stages—handshake, data transfer, and teardown—and can stem from server port closures, connection limits, malformed SYNs, firewall policies, timeouts, or middlebox interventions, with each scenario identifiable through detailed packet‑level analysis.
This comprehensive guide explains Linux's netfilter firewall framework, its five hook points, how iptables maps rules to tables and chains, and provides step‑by‑step examples for traffic filtering, NAT, custom chains, and rule persistence using iptables commands.
Learn how to secure a Linux server by configuring firewalls with iptables and firewalld, managing user permissions, setting up auditd, applying automatic updates, and deploying intrusion detection tools like OSSEC and AIDE, plus a step‑by‑step response workflow for real‑world attack scenarios.
This guide walks through comprehensive Linux security hardening on RHEL7, covering account lockout, password policies, SELinux configuration, SSH port changes, root login disabling, umask restriction, immutable system files, GCC limitation, log protection, minimal firewall rules, and related command examples.
This article provides a comprehensive, step-by-step tutorial on checking, installing, editing, and applying iptables firewall rules on a Linux system, including common port allowances, ICMP handling, rule persistence, and startup configuration using command-line examples.
Learn step‑by‑step how to configure iptables to log both inbound and outbound dropped packets to syslog, customize log prefixes and levels, and interpret the resulting log entries for effective firewall troubleshooting on Linux systems.
This article introduces iptables, explains its core concepts such as chains, rules, and tables, demonstrates common command‑line operations for displaying, adding, deleting and modifying rules, and presents a real‑world firewall configuration example for securing jump‑servers on CentOS.
This guide walks through installing iptables, loading kernel modules, starting the firewall, mastering core iptables options, creating and managing rules for ports, IPs, and protocols, saving configurations, troubleshooting pitfalls, and provides hands‑on exercises for Linux network security.
This guide explains firewall fundamentals, classifications, and detailed usage of Linux iptables and firewalld commands, covering tables, chains, rule priorities, NAT/ SNAT examples, and zone-based configurations to help secure network traffic effectively.
To prevent malicious API abuse, implement layered defenses such as firewalls to block unwanted traffic, robust captchas and SMS verification, mandatory authentication with permission controls, IP whitelisting for critical endpoints, HTTPS encryption, strict rate‑limiting via Redis, continuous monitoring with alerts, and an API gateway that centralizes filtering, authentication and throttling.
This article provides a comprehensive, hands‑on tutorial for securing Linux systems by configuring firewalld with firewall‑cmd, managing iptables rules, enabling port forwarding, setting up fail2ban, and applying advanced techniques such as SELinux, TCP wrappers, and connection‑tracking to harden the firewall.
This article walks through eight concrete techniques—firewall rules, captchas, authentication checks, IP whitelists, HTTPS encryption, rate limiting, monitoring, and an API gateway—to prevent abusive requests from draining resources or compromising critical services.
Linux’s open‑source nature, robust package management, kernel‑level protections, built‑in firewall, and community‑driven security practices result in far fewer malware threats, reducing the need for traditional antivirus software and external firewalls compared to Windows, as outlined in five key reasons.
This guide walks Linux system administrators through essential network interface commands—such as ifconfig, ip, route, netstat, traceroute, ping, ss, nmcli, iw, ethtool, firewall-cmd, and iptables—providing clear syntax, practical examples, and tips for configuring IP addresses, routes, DNS, VPNs, and firewall rules.
This guide details Linux firewall components—including iptables, firewalld, and netfilter—explaining their coexistence, rule tables, chain structures, command syntax, and configuration files, while providing practical examples for managing zones, services, and packet filtering on RHEL/CentOS systems.
This guide explains the coexistence of firewalld and iptables on CentOS 7, compares their features, details zone concepts, outlines iptables architecture, and provides step‑by‑step commands for installing, configuring, and managing firewall rules, including rule syntax and saving configurations.
This article explains a comprehensive set of techniques—including firewalls, captchas, authentication checks, IP whitelists, data encryption, rate limiting, monitoring, and API gateways—to protect interfaces from malicious abuse and ensure secure, reliable service operation.
This article outlines eight effective techniques—including firewalls, captchas, authentication checks, IP whitelists, data encryption, rate limiting, monitoring, and API gateways—to protect interfaces from malicious traffic and costly abuse while balancing user experience.
This article explains how Kubernetes 1.29 integrates nftables as a feature gate, compares nftables with iptables, details its syntax, address families, hooks, and core objects, and provides step‑by‑step examples for tables, chains, rules, sets, maps, counters, quotas, limits, NAT, and monitoring.
This guide enumerates seven typical reasons why a cloud server’s port may be unreachable—ranging from an unstarted application and incorrect port listening to security‑group rules, firewall settings, application‑level IP blocks, network outages, and user‑side issues—and provides concrete Linux commands and configuration steps to diagnose and resolve each problem.
Exposing your public IP address can invite DDoS floods, vulnerability scanning, privacy breaches, and targeted phishing or malware attacks, so you should protect it with firewalls, regular updates, secure VPN connections, and by avoiding public disclosure on social platforms.
This article lists the most frequent causes—such as an unstarted application, incorrect port listening, cloud security‑group settings, firewall rules, application‑level IP restrictions, network problems, and user‑side issues—and provides step‑by‑step commands and screenshots to help troubleshoot and restore access to cloud server ports.
This tutorial walks through installing TigerVNC on a Rocky Linux 8.9 server, creating VNC users, configuring systemd services, opening firewall ports, and connecting from a Windows 10 client with UltraVNC Viewer, providing all necessary commands and screenshots for a fully functional remote desktop setup.
MySQL 8.2.0, released on October 25, 2023, introduces audit‑log cleanup scripts, FIDO‑based authentication, named‑parameter support, numerous deprecations, firewall reload scheduling, expanded SQL syntax options, and new client and server features while dropping outdated functions and variables.
This article explains what Firewalld is, outlines its key features such as zones, runtime versus permanent settings, services, and dynamic updates, and provides step‑by‑step commands to create firewall rules that limit access to an Nginx server on port 8088 to a single IP address while leaving other ports unrestricted.
This guide explains how to use Firewalld on CentOS to create zones, services, and rich rules that restrict access to specific ports for designated IP addresses, covering installation checks, rule creation, dynamic updates, and verification commands for comprehensive firewall management.
This step‑by‑step guide shows how to install iptables, clear existing rules, set default DROP policies, allow established connections and loopback traffic, block a specific IP from accessing port 80, save the configuration, and verify that the firewall works as intended.
This article compiles seventeen practical Linux administration techniques—from batch file handling and directory checks to log analysis, disk monitoring, firewall rules, and network capture—each illustrated with ready‑to‑run shell commands and concise explanations for sysadmins.
This article explains how firewalls act as barriers between trusted and untrusted networks, covering placement, stateful vs. stateless filtering, deep packet inspection at layer 7, security zones, ACL configuration, and the role of DMZs in protecting internal resources.
This guide explains how firewalls protect networks by using stateful filtering, deep packet inspection of application-layer data, and security zones such as inside, outside, and DMZ, illustrating configuration examples, ACL usage, and best‑practice traffic control.
The SRE team diagnosed an in‑flight Wi‑Fi outage for the DeWu e‑commerce app by reproducing the problem, capturing packets with ping, traceroute and tcpdump, discovered a firewall rule misclassifying the domain as a download site, and resolved it through a vendor‑issued policy update, restoring connectivity on both ATG and SATCOM links.
This comprehensive guide explains intrusion detection and prevention systems, firewalls, waterwalls, Netfilter, and essential Linux firewall tools such as iptables, firewalld, and nftables, covering their architectures, command syntax, rule management, NAT, and packet capture with tcpdump.
This article explains what firewalls are, how they inspect network traffic, the various deployment and operational types—including hardware, software, cloud, packet‑filtering, stateful, proxy, and next‑generation firewalls—and their respective advantages and disadvantages.
This article introduces ProxySQL as a high‑performance MySQL proxy, explains its request flow, multi‑layer configuration system, key tables, and demonstrates practical scenarios such as read‑write splitting, hostgroup weight tuning, replication‑lag handling, blacklist/whitelist rules, and firewall protection.
This article introduces iptables, explains its core concepts such as chains, rules, and tables, demonstrates common commands for listing, adding, deleting, and modifying rules, and presents a step‑by‑step firewall configuration case for securing jump‑hosts on CentOS systems.
The article recounts a Kubernetes cluster intrusion where a misconfigured kubelet allowed crypto‑mining, details the forensic steps taken—including empty iptables, kubelet API exposure, and commented‑out settings—and offers concrete hardening recommendations to prevent similar attacks.
This article explains Linux connection tracking (conntrack), its implementation in Netfilter, and provides detailed instructions for using iptables—including rule queries, additions, deletions, modifications, saving, loading, match extensions, custom chains, and logging—to manage firewall behavior and network security effectively.
This article provides a comprehensive overview of iptables, detailing its host‑type filter table, limitations, the four main tables (filter, nat, mangle, raw), their respective chains, common command examples, and explains NAT concepts such as SNAT, DNAT, and MASQUERADE for Linux network security.
This guide explains how to detect traffic attacks on a low‑traffic Linux website, split Nginx logs daily, identify IPs with excessive requests, and automatically block them using iptables rules scheduled via cron, complete with ready‑to‑run Bash scripts and common firewall commands.
This guide explains step‑by‑step how to check firewall status, start firewalld, open specific ports, reload or restart the firewall on CentOS 7, and modify iptables directly on CentOS 6, including useful commands for listing, removing, and temporarily disabling ports.
This article explains how to use the iptables hashlimit module to create a stateful rate‑limiting chain, details the required commands, clarifies the meaning of the --hashlimit‑upto and --hashlimit‑burst parameters, and provides an example illustrating credit‑based packet acceptance.
An overview of essential Linux firewall solutions—including iptables, IPCop, Shorewall, UFW, Vuurmuur, pfSense, IPFire, Smoothwall, Endian, and ConfigServer—covers their core functions, key features, and typical use cases, helping administrators choose the right tool for network protection.
This guide shows how to use iptables to allow only a designated IP address to access a host's port 80, how to apply the same restriction to Docker containers by adding rules to the DOCKER-USER chain, and how to make the settings persistent across reboots.
Learn how to protect your Linux server by disabling root SSH login, changing the default port, enforcing strong passwords, limiting login attempts, using SSH protocol 2, disabling forwarding, employing key‑based authentication, and restricting access by IP, with clear commands and configuration examples.
Facing constant port scans and malicious login attempts on a public server, the author outlines a self‑developed IP filtering solution that automatically adds trusted IPs to a whitelist, featuring multi‑process support, concurrency, daemon mode, a web management panel, traffic statistics, and interception logging.
While Linux is generally more secure than other operating systems, many users wonder whether antivirus software or a firewall is necessary; this article explains why Linux desktop malware is rare, how package managers improve safety, the limited effectiveness of antivirus tools, and when a firewall truly matters.
This article provides a comprehensive guide to iptables, explaining its hierarchical structure of tables, chains, and rules, detailing the built‑in tables (filter, nat, mangle, raw) and their chains, describing rule syntax and target actions, and offering practical command examples for listing, flushing, saving, setting default policies, and configuring SSH, HTTP, NAT, and IP‑based restrictions.
This article explains what a firewall is, how it isolates risk zones from safe zones, its working principles, the typical architecture involving screening routers and proxy servers, and the key security functions it provides for protecting network communications.
This guide walks you through configuring firewalld on Linux, covering zones, temporary and permanent settings, service and port management, zone manipulation, rich rule creation, direct rule usage, and essential commands for enabling, disabling, and querying the firewall.
This article explains the challenges of connecting two devices behind NAT and firewalls, explores the underlying principles of NAT, STUN, ICE, and related protocols, and presents practical strategies—including port mapping, relay fallback, and IPv6 considerations—to achieve reliable peer‑to‑peer communication.
A Kubernetes node was compromised for Monero mining due to empty iptables, an exposed kubelet API, and a mis‑commented configuration, prompting a detailed post‑mortem and practical hardening steps to prevent similar attacks.
This guide provides a detailed, step‑by‑step hardening strategy for Linux systems, covering distro selection, kernel choices, extensive sysctl tweaks, boot‑loader parameters, MAC policies, sandboxing, memory allocator hardening, compile‑time mitigations, root account protection, firewall rules, swap configuration, PAM policies, microcode updates, IPv6 privacy, partition mounting options, entropy sources, and physical security measures.
A Kubernetes cluster was compromised when a misconfigured kubelet allowed anonymous API access, enabling attackers to run a Monero miner; the post details the investigation, root causes, and practical hardening steps to prevent similar intrusions.
