linux firewall

Mitigating DoS Attacks with a null (or Blackhole) Route on Linux

In a world where the Anonymous group is petitioning the US Government to make DDoS attacks a legal means of protest; For internet facing systems the threat of Denial of Service attacks are very real. The cold harsh reality of DoS attacks are that there is no way to stop them. While there are services out there that are designed to take the brunt of the attack for you these costs a significant amount of money (update: CloudFlare seems pretty decent).

iptables: Linux firewall rules for a basic Web Server

For today's article I am going to explain how to create a basic firewall allow and deny filter list using the iptables package. We will be focused on creating a filtering rule-set for a basic everyday Linux web server running Web, FTP, SSH, MySQL, and DNS services. Before we begin lets get an understanding of iptables and firewall filtering in general. What is iptables? iptables is a package and kernel module for Linux that uses the netfilter hooks within the Linux kernel to provide filtering, network address translation, and packet mangling.