Login to the server

su- root

for ip tables -

iptables -A INPUT -s -j DROP

For APF firewall is installed -

apf -d

after rebooting, the ban will be removed and in case if you have APF, to open the deny host files, type in the following -

pico /etc/apf/deny_hosts.rules

At the bottom, put in the IP address, thereafter save changes.

To restart APF,

/etc/apf/apf -r

CyberPatrol is one of the most powerful and popular client-based, browser independent, Internet safety software solutions for Windows-based standalone PCs available today. CyberPatrol 7.6 is designed to help an online generation get the most from the Internet!

Security Features:
* Customized Ready-to-go Filtering: View Screenshot Simple installation and set-up need not take more than a few minutes with Broadband. During set-up CyberPatrol lets you select your Environment and User Type to tailor your ready-to-go filter settings - it’s ideal for the novice user. Fltering settings and additional User Profiles can be quickly created and fine-tuned for each user or groups of users.

* Unlimited User Profiles: Enables you to create as little or as many Profiles as you need.
* User Profile Creation Wizards View Screenshot: Creating a User Profile is even easier with the use of these Wizards, as they lead you through the process step by step.

* Windows User Name Integration View Screenshot: For seamless access to your CyberPatrol User Profile filter settings.

* Override ModeView Screenshot: Active filtering settings can be quickly and easily overridden through the password protected Override Mode button on the HQ Toolbar.

* Instant Override View Screenshot: Password protected or warn only Instant Override option can be offered to users on Blocking Pages.

* Fast User Switching: Windows XP is supported.

* Auto Time-outView Screenshot: A great safety feature that keeps watch over an active User Profile, so when it’s left idle it will switch to the profile.

* Compatibility: CyberPatrol is rigorously tested for compatibility with the most popular applications, the latest being the Blackberry Desktop Manager, Corel WordPerfect Office, and AOL 9 SE.

One of the most important step in securing a Linux system know the primary function or role of the Linux server. Having a detailed knowledge of your system & what is on the system, will ensure you to understand what needs to be secured on the server. Therefore, it is very critical to look at the default list of software packages and remove unneeded packages or packages that don’t comply with your security policy. If you do that you will have less packages to worry about when security alerts and patches are released.

One of the first action items should be to create a Linux image that only contains RPMs needed by the applications and needed for maintenance and troubleshooting purposes. A good approach is to start with a minimum list of RPMs and then add packages as needed. It may be time-consuming but it’s worth the efforts.

To get a list of all installed RPMs you can use the following command:

rpm -qa

If you want to know more about a particular RPM, run:

rpm -qi

To check for and report potential conflicts and dependencies for deleting a RPM, run:

rpm -e –test

grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL. Its is an intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration. grsecurity reduces the risk of sensitive information being leaked by arbitrary-read kernel bugs.

Grsecurity includes several main features:
• Buffer overflow exploitation prevention from the PaX project
• Role-Based Access Control (RBAC)
• Randomization of Process IDs and in the TCP/IP stack
• Restricted viewing of processes
• Change root (chroot) hardening
• /tmp race vulnerability protection

For a complete list of grsecurity’s features, please visit
http://www.grsecurity.net/features.php

A Web server that supports any of the major security protocols, like SSL that encrypt and decrypt messages to protect them against third party tampering. Making purchases from a secure Web server ensures that a user’s payment or personal information can be translated into a secret code that’s difficult to crack. Major security protocols include SSL, SHTTP, PCT, and IPSec.

Generally firewall is used to protect a server from other servers & networks. But many times protecting a server within a network, by using a TCP wrapper, is also needed.

Most of the Linux distributions comes with xinetd server. This xinetd server includes a built in TCP wrapper. It can be used to define network services to accept incoming connections from specified servers and networks. The TCP wrappers uses two files, /etc/hosts.allow and /etc/hosts.deny through which it implements access control.

# Deny everything by default, add the following line to /etc/hosts.deny:

ALL: ALL

# Accept incoming SSH connections from e.g. nodes bamdns1, bamdns2 and bamdns3, add the following line to /etc/hosts.allow:

sshd: bamdns1 bamdns2 bamdns3

# Accept incoming SSH connections from all servers from a specific network, add the name of the subnet to /etc/hosts.allow

sshd: bamdns1 bamdns2 bamdns3 .subnet.server1.com

# Accept connections from all servers on subnet .subnet.server1.com but not from server bamdns4.subnet.server1.com, you could add the following line to /etc/hosts.allow:

ALL: .subnet.server1.com EXCEPT bamdns4.subnet.server1.com

# Accept incoming portmap connections from IP address 10.10.10.1 and subnet 255.255.5, add the following line to /etc/hosts.allow:

portmap: 10.10.10.1 255.255.5.