This article recounts a Chinese New Year server breach where massive UDP traffic masked a Trojan on an Oracle‑Tomcat host, detailing the forensic steps to identify the malicious process, restore service with iptables rules, and uncover a weak SSH password as the root cause.
This article explains how to construct various HTTP response codes using a PHP script and how to emulate network anomalies such as TCP resets, packet loss, and latency with iptables and tc netem, providing practical techniques for robust backend testing.
This article explains how Kubernetes NetworkPolicy works with Calico, detailing the policy creation process, configuration templates, component versions, deployment steps, Calico‑felix packet handling, and a practical “deny all traffic” test case, concluding with operational considerations and reference links.
This article analyzes the recent surge of Redis unauthenticated attacks that install a worm, use pnscan for lateral scanning, modify system settings, and launch cryptocurrency mining, while providing detailed script breakdowns and remediation steps.
This comprehensive guide explains the fundamentals of iptables, covering its architecture, chain and table concepts, rule syntax, matching modules, actions, and practical examples for filtering, NAT, and port forwarding, enabling readers to configure Linux firewalls effectively in virtual or container environments.
This article walks through disabling firewalld on a CentOS 7 Alibaba Cloud server, installing iptables‑services, adding a complete set of firewall rules, explaining each rule’s purpose, and finally enabling the iptables service to ensure a secure LAMP environment.
This article explains how Kubernetes NetworkPolicy provides namespace‑ and pod‑level network isolation, how Calico translates policies into iptables rules, and walks through configuration templates, test setups, runtime details, packet‑flow analysis, and practical considerations for production use.
This article explains how to use a Linux server with iptables to accelerate business traffic via a dedicated relay point, covering technical choices, configuration of DNAT/SNAT, static routing, testing methodology, and performance results.
This article compiles Meituan's Linux operations engineer interview requirements, common questions on system installation, networking, scripting, MySQL security, replication, iptables, and provides detailed command-line solutions and sample scripts to help candidates prepare effectively.
This article compiles practical Linux system administration techniques, covering how to check physical CPUs and cores, interpret load averages, understand vmstat columns, differentiate buffer and cache, monitor memory usage with top, inspect network connections, manage services, configure IP addresses, use iptables, rsync options, cron jobs, and troubleshoot hardware issues.
This article walks through diagnosing a packet‑drop issue in OpenStack Neutron security groups, detailing network architecture, packet capture, iptables chain analysis, rule addition, and validation steps to restore communication between Linux Director and virtual machines.
This guide presents 25 essential Linux iptables rules—from clearing existing policies to configuring SSH, HTTP, DNS, and DoS protection—illustrated with command screenshots, enabling administrators to quickly adapt firewall settings to their specific network security needs.
This guide explains Linux traffic control (TC), covering its core components—queueing disciplines, classes, and filters—along with step‑by‑step commands to shape outbound bandwidth, set rate and ceiling limits, use bursts, and apply iptables marks for precise traffic management.
This guide explains how to permanently disable SELinux, temporarily change its mode, and provides a comprehensive tutorial on using iptables—including table concepts, basic commands, rule management, scripting, NAT configuration, and saving/restoring firewall rules—on Red Hat/CentOS Linux.
This guide walks through setting up a LAN with a static‑IP server, configuring iptables firewall rules, enabling NAT and port forwarding, and deploying a DHCP server on CentOS, complete with sample configuration files and command‑line steps.
This guide walks through diagnosing a CentOS server where SSH, web, and database services are down, analyzing log files, reinstalling OpenSSH, adjusting file attributes, and configuring iptables and access controls to restore secure remote access.
This comprehensive guide explains Linux firewall fundamentals, the role of iptables and Netfilter, the structure of tables and chains, rule ordering, common commands, and real‑world configuration examples for securing networks and handling port mapping.
This guide explains how to install, enable, and manage FirewallD on Linux, covering zones, services, ports, rich rules, port forwarding, and direct iptables integration, with step‑by‑step commands and visual examples to help administrators configure persistent, dynamic firewalls efficiently.
A remote Ubuntu 12.04 server suffered a sudden 800 MB traffic surge caused by a hidden backdoor that sent continuous HTTP requests to malicious IPs; by analyzing logs, using iftop, netstat, lsof, and replacing compromised tools, the author identified and removed malicious processes, restored normal traffic, and outlined preventive security measures.
During the Chinese New Year a client’s Oracle‑Tomcat server was overwhelmed by massive UDP traffic, prompting a forensic investigation that uncovered a hidden Trojan, detailed command‑line analysis, iptables hardening, and the root cause of a weak SSH password left after a hardware upgrade.
This article introduces Linux’s built-in iptables (netfilter) firewall, explains its four tables and chains, and provides detailed command-line examples for starting, stopping, configuring, listing, and managing rules, including common options and extended matching techniques.
This article analyzes the nf_conntrack table‑full issue encountered during high‑concurrency OpenStack upgrades, explains how connection tracking works and is stored in a hash table, and provides practical parameter and iptables adjustments to improve memory usage and lookup performance.
This article recounts a real‑world incident on an Ubuntu 12.04 server where massive outbound traffic was traced to a hidden trojan, detailing step‑by‑step investigation, identification of malicious processes, removal techniques, and preventive hardening measures.
After a sudden traffic surge and loss of SSH access on an Ubuntu 12.04 server, I worked with the data‑center team to trace malicious outbound connections, identify compromised binaries, remove persistent backdoor scripts, and implement firewall rules and logging practices to prevent future intrusions.
This guide walks through iptables fundamentals—including listing, flushing, and setting default policies—then demonstrates adding, inserting, replacing, and deleting rules, explores basic and extended match modules, and provides practical exercises for building robust firewall configurations.
This guide explains how firewalld works on CentOS 7, covering zone concepts, configuration file locations, command‑line and XML methods for adding ports, common firewall commands, and the steps to replace firewalld with the traditional iptables firewall.
This guide walks through hardening an Nginx web server on Linux by configuring default files, testing and reloading, enabling SELinux, mounting least‑privilege partitions, applying sysctl security parameters, removing unnecessary modules, and deploying an iptables‑based firewall with detailed command examples.
This guide demonstrates how to simulate a high‑traffic scenario between two machines and use an iptables rule to reject connections from a specific host when its concurrent requests exceed ten, including command syntax, execution steps, and result analysis.
This article provides an in‑depth technical overview of Linux Netfilter, explaining its hook architecture, key macros, packet‑processing flow, and how iptables interacts with the kernel to filter, NAT, and track connections across the IPv4 stack.
Learn the fundamentals of iptables firewall on Linux, including configuration file location, service control commands, the hierarchy of tables, chains, and rules, common targets, and essential iptables commands for listing and flushing rules.
This article explains the Linux Netfilter framework and iptables utility, detailing hook points, rule tables (filter, nat, mangle, raw), chain behavior, packet routing flow, and common command syntax for building robust firewall policies.
This article explains what a SYN Flood DoS attack is, shows how to diagnose it using system logs and netstat, and provides practical mitigation steps such as iptables blocking, F5 load‑balancer filtering, and kernel parameter tuning to protect Linux web servers.
This step‑by‑step tutorial shows how to install Samba on a Linux server, configure a shared home directory, create a Samba user, adjust firewall and SELinux settings, and finally access the share from a Windows client.
This article presents a concise visual mind map of iptables, illustrating its core concepts, chains, tables, and typical rules, enabling readers to quickly grasp firewall configuration and operation at a glance in.
This guide explains how to protect Linux servers from SYN flood and DDoS attacks by tuning sysctl parameters, applying iptables rules, installing the free DDoS‑deflate script, and monitoring nginx logs to identify and block malicious IPs and user agents.
This guide explains how iptables functions as a Linux firewall, detailing packet traversal through the prerouting, input, forward, output, and postrouting chains, the four built‑in tables with their priorities, and essential commands for listing, clearing, and adding rules to secure network traffic.
This article outlines Linux network security fundamentals, covering firewall types and placement, intrusion detection and prevention systems, honeypots, vulnerability scanners, rootkits, and provides a detailed explanation of iptables/netfilter architecture, tables, chains, rules, and packet handling actions.
This article explains how to use Linux iptables to create network-level ACLs that block non-production IP ranges from accessing a Memcached server, providing command examples for adding, listing, and clearing firewall rules, and discusses future considerations such as IPv6 support.
This guide walks you through downloading, installing, configuring, and testing Fail2Ban on a Linux system, covering essential parameters, SSH jail setup, custom actions, filter editing, and command‑line utilities for managing bans and logs.
This step‑by‑step guide shows how to harden a freshly installed Ubuntu 12.04 LTS server by creating a non‑root user, disabling root SSH access, configuring SSH keys, applying system updates, setting up iptables firewall rules, and installing Fail2Ban to automatically block malicious login attempts.
This comprehensive guide explains Linux firewall concepts, the evolution and operation of iptables, rule chains, policies, command syntax, matching criteria, state tracking, NAT/DNAT techniques, and practical exercises, providing readers with the knowledge to configure and manage secure network access effectively.
Securing Linux systems requires more than a single anti‑malware tool; this guide outlines nine practical measures—including SELinux, vulnerability alerts, service hardening, log monitoring, port knocking, iptables, default‑deny policies, IDS, and full‑disk encryption—to strengthen system defenses against attacks.
The article explains how the Linux kernel’s SYNPROXY feature, introduced in version 3.13, effectively mitigates SYN flood DoS attacks by acting as a gateway, validating handshake cookies, and dramatically reducing kernel soft‑IRQ load during testing on Debian and SLES‑12.
