Biowaste XP
10-30-2003, 03:26 PM
Hello,
I am trying to secure my server a little more and I am trying to install the software firewall stated below. How would I go about doing this in SSH? I am new to it so therefore, I am asking. If you could help me, I would greatly appreciate it!
http://www.tripwire.com/
dynamicnet
10-30-2003, 05:43 PM
Greetings:
We recommend Bastille for Linux http://www.bastille-linux.org/
Thank you.
Tazzman
10-30-2003, 06:46 PM
I like bastille, but couldn't get it running correctly on one of my servers recently for some reason. The rules just slowly kept disappearing for some odd reason until after about an (or less) they had completely gone and there was no more firewall.
I just deleted it on that server and installed APF, which is working correctly.
By that, those are the 2 firewalls I recommend: bastille and APF.
Tripwire isn't a firewall, but an intrusion detection system. It just makes a checksum of the system and then you can use it to check if anything has been changed.
Biowaste XP
10-31-2003, 02:03 AM
Ok, I set up APF, but how do I know that it is working/on? I installed it, edited the file to allow certain ports, did 'service apf start' and it said "[ OK ]". Does this mean that it is on and working? How do I know for sure?
John[H4Y]
10-31-2003, 06:16 AM
See if you can connect to the ports that you are blocking. Try temporarily blocking port 80 or something and see if you can no longer use the web server. You can also verify that it has created rules by typing "iptables -L"
phpdeveloper
10-31-2003, 10:14 AM
You can also run: "iptables-save > /some/path/iptables.log"
and in /some/path/iptables.log you will have all the firewall rules that APF has for your system.
If you ever break your firewall setup, you can restore the ruleset by running: "iptables-restore < /some/path/iptables.log"
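The check suggested in the two replies above, as an added example that is not part of the original posts: a start script can print "[ OK ]" and still load nothing, so read the ruleset itself. The function names and both sample dumps are constructed for illustration; on a live server the input would be the output of `iptables-save`.

```shell
#!/bin/sh
# Added example: inspect `iptables-save` output to confirm a firewall is loaded.
# SAMPLE_LOADED and SAMPLE_EMPTY are constructed dumps, not output from the thread.

SAMPLE_LOADED='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j DROP
COMMIT'

SAMPLE_EMPTY='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# ruleset_status DUMP -> "empty" when no rules exist and the INPUT policy is
# ACCEPT (what is left when the start script failed), otherwise "loaded".
ruleset_status() {
    printf '%s\n' "$1" | awk '
        /^:INPUT / { policy = $2 }
        /^-A /     { rules++ }
        END { if (rules == 0 && policy == "ACCEPT") print "empty"; else print "loaded" }'
}

# port_verdict DUMP PORT -> target of the first INPUT rule naming --dport PORT,
# or "policy:<POLICY>" when no INPUT rule names the port.
port_verdict() {
    printf '%s\n' "$1" | awk -v port="$2" '
        /^:INPUT / { policy = $2 }
        /^-A INPUT / && !found {
            for (i = 1; i < NF; i++)
                if ($i == "--dport" && $(i + 1) == port) hit = 1
            if (hit) {
                for (i = 1; i < NF; i++) if ($i == "-j") { print $(i + 1); found = 1 }
                hit = 0
            }
        }
        END { if (!found) print "policy:" policy }'
}

# On a live server (as root): ruleset_status "$(iptables-save)"
```

`port_verdict` only reads rules attached directly to INPUT; a firewall that jumps to its own chains needs those chains inspected as well, and a connection test from another host remains the final check.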
Biowaste XP
10-31-2003, 12:42 PM
I tried blocking port 80 and I was still able to see the websites that are hosted on it. Also, when I did 'service apf start', I got the following:
/etc/init.d/apf: line 3: [: 149: binary operator expected
/etc/init.d/apf: line 4: ^G: command not found
/etc/init.d/apf: line 5: Pos: command not found
/etc/init.d/apf: line 6: ^X: command not found
/etc/init.d/apf: line 7: [: 149: binary operator expected
/etc/init.d/apf: line 8: ^G: command not found
/etc/init.d/apf: line 9: Pos: command not found
/etc/init.d/apf: line 10: ^X: command not found
/etc/init.d/apf: line 11: [: 149: binary operator expected
/etc/init.d/apf: line 12: ^G: command not found
/etc/init.d/apf: line 13: Pos: command not found
/etc/init.d/apf: line 14: ^X: command not found
/etc/init.d/apf: line 15: [: 149: binary operator expected
/etc/init.d/apf: line 16: ^G: command not found
/etc/init.d/apf: line 17: Pos: command not found
/etc/init.d/apf: line 18: ^X: command not found
/etc/init.d/apf: line 19: [: 149: binary operator expected
/etc/init.d/apf: line 20: ^G: command not found
/etc/init.d/apf: line 21: Pos: command not found
/etc/init.d/apf: line 22: ^X: command not found
/etc/init.d/apf: line 23: [: 149: binary operator expected
/etc/init.d/apf: line 24: ^G: command not found
/etc/init.d/apf: line 25: Pos: command not found
/etc/init.d/apf: line 26: ^X: command not found
/etc/init.d/apf: line 27: [: 149: binary operator expected
/etc/init.d/apf: line 28: ^G: command not found
/etc/init.d/apf: line 29: Pos: command not found
/etc/init.d/apf: line 30: ^X: command not found
/etc/init.d/apf: line 31: [: 149: binary operator expected
/etc/init.d/apf: line 32: ^G: command not found
/etc/init.d/apf: line 33: Pos: command not found
/etc/init.d/apf: line 34: ^X: command not found
/etc/init.d/apf: line 35: [: 149: binary operator expected
/etc/init.d/apf: line 36: ^G: command not found
/etc/init.d/apf: line 37: Pos: command not found
/etc/init.d/apf: line 38: ^X: command not found
/etc/init.d/apf: line 39: [: 149: binary operator expected
/etc/init.d/apf: line 40: ^G: command not found
/etc/init.d/apf: line 41: Pos: command not found
/etc/init.d/apf: line 42: ^X: command not found
/etc/init.d/apf: line 43: [: 149: binary operator expected
/etc/init.d/apf: line 44: ^G: command not found
/etc/init.d/apf: line 45: Pos: command not found
/etc/init.d/apf: line 46: ^X: command not found
/etc/init.d/apf: line 47: [: 149: binary operator expected
/etc/init.d/apf: line 48: ^G: command not found
/etc/init.d/apf: line 49: Pos: command not found
/etc/init.d/apf: line 50: ^X: command not found
/etc/init.d/apf: line 51: [: 149: binary operator expected
/etc/init.d/apf: line 52: ^G: command not found
/etc/init.d/apf: line 53: Pos: command not found
/etc/init.d/apf: line 54: ^X: command not found
Starting APF:/usr/local/sbin/apf: line 3: [: 149: binary operator expected
/usr/local/sbin/apf: line 4: ^G: command not found
/usr/local/sbin/apf: line 5: Pos: command not found
/usr/local/sbin/apf: line 6: ^X: command not found
/usr/local/sbin/apf: line 7: [: 149: binary operator expected
/usr/local/sbin/apf: line 8: ^G: command not found
/usr/local/sbin/apf: line 9: Pos: command not found
/usr/local/sbin/apf: line 10: ^X: command not found
/usr/local/sbin/apf: line 11: [: 149: binary operator expected
/usr/local/sbin/apf: line 12: ^G: command not found
/usr/local/sbin/apf: line 13: Pos: command not found
/usr/local/sbin/apf: line 14: ^X: command not found
/usr/local/sbin/apf: line 15: [: 149: binary operator expected
/usr/local/sbin/apf: line 16: ^G: command not found
/usr/local/sbin/apf: line 17: Pos: command not found
/usr/local/sbin/apf: line 18: ^X: command not found
/usr/local/sbin/apf: line 19: [: 149: binary operator expected
/usr/local/sbin/apf: line 20: ^G: command not found
/usr/local/sbin/apf: line 21: Pos: command not found
/usr/local/sbin/apf: line 22: ^X: command not found
/usr/local/sbin/apf: line 23: [: 149: binary operator expected
/usr/local/sbin/apf: line 24: ^G: command not found
/usr/local/sbin/apf: line 25: Pos: command not found
/usr/local/sbin/apf: line 26: ^X: command not found
/usr/local/sbin/apf: line 27: [: 149: binary operator expected
/usr/local/sbin/apf: line 28: ^G: command not found
/usr/local/sbin/apf: line 29: Pos: command not found
/usr/local/sbin/apf: line 30: ^X: command not found
/usr/local/sbin/apf: line 31: [: 149: binary operator expected
/usr/local/sbin/apf: line 32: ^G: command not found
/usr/local/sbin/apf: line 33: Pos: command not found
/usr/local/sbin/apf: line 34: ^X: command not found
/usr/local/sbin/apf: line 35: [: 149: binary operator expected
/usr/local/sbin/apf: line 36: ^G: command not found
/usr/local/sbin/apf: line 37: Pos: command not found
/usr/local/sbin/apf: line 38: ^X: command not found
/usr/local/sbin/apf: line 39: [: 149: binary operator expected
/usr/local/sbin/apf: line 40: ^G: command not found
/usr/local/sbin/apf: line 41: Pos: command not found
/usr/local/sbin/apf: line 42: ^X: command not found
/usr/local/sbin/apf: line 43: [: 149: binary operator expected
/usr/local/sbin/apf: line 44: ^G: command not found
/usr/local/sbin/apf: line 45: Pos: command not found
/usr/local/sbin/apf: line 46: ^X: command not found
/usr/local/sbin/apf: line 47: [: 149: binary operator expected
/usr/local/sbin/apf: line 48: ^G: command not found
/usr/local/sbin/apf: line 49: Pos: command not found
/usr/local/sbin/apf: line 50: ^X: command not found
/usr/local/sbin/apf: line 51: [: 149: binary operator expected
/usr/local/sbin/apf: line 52: ^G: command not found
/usr/local/sbin/apf: line 53: Pos: command not found
/usr/local/sbin/apf: line 54: ^X: command not found
/etc/apf/vnet/vnetgen: line 3: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 4: ^G: command not found
/etc/apf/vnet/vnetgen: line 5: Pos: command not found
/etc/apf/vnet/vnetgen: line 6: ^X: command not found
/etc/apf/vnet/vnetgen: line 7: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 8: ^G: command not found
/etc/apf/vnet/vnetgen: line 9: Pos: command not found
/etc/apf/vnet/vnetgen: line 10: ^X: command not found
/etc/apf/vnet/vnetgen: line 11: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 12: ^G: command not found
/etc/apf/vnet/vnetgen: line 13: Pos: command not found
/etc/apf/vnet/vnetgen: line 14: ^X: command not found
/etc/apf/vnet/vnetgen: line 15: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 16: ^G: command not found
/etc/apf/vnet/vnetgen: line 17: Pos: command not found
/etc/apf/vnet/vnetgen: line 18: ^X: command not found
/etc/apf/vnet/vnetgen: line 19: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 20: ^G: command not found
/etc/apf/vnet/vnetgen: line 21: Pos: command not found
/etc/apf/vnet/vnetgen: line 22: ^X: command not found
/etc/apf/vnet/vnetgen: line 23: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 24: ^G: command not found
/etc/apf/vnet/vnetgen: line 25: Pos: command not found
/etc/apf/vnet/vnetgen: line 26: ^X: command not found
/etc/apf/vnet/vnetgen: line 27: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 28: ^G: command not found
/etc/apf/vnet/vnetgen: line 29: Pos: command not found
/etc/apf/vnet/vnetgen: line 30: ^X: command not found
/etc/apf/vnet/vnetgen: line 31: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 32: ^G: command not found
/etc/apf/vnet/vnetgen: line 33: Pos: command not found
/etc/apf/vnet/vnetgen: line 34: ^X: command not found
/etc/apf/vnet/vnetgen: line 35: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 36: ^G: command not found
/etc/apf/vnet/vnetgen: line 37: Pos: command not found
/etc/apf/vnet/vnetgen: line 38: ^X: command not found
Biowaste XP
10-31-2003, 12:42 PM
/etc/apf/vnet/vnetgen: line 39: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 40: ^G: command not found
/etc/apf/vnet/vnetgen: line 41: Pos: command not found
/etc/apf/vnet/vnetgen: line 42: ^X: command not found
/etc/apf/vnet/vnetgen: line 43: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 44: ^G: command not found
/etc/apf/vnet/vnetgen: line 45: Pos: command not found
/etc/apf/vnet/vnetgen: line 46: ^X: command not found
/etc/apf/vnet/vnetgen: line 47: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 48: ^G: command not found
/etc/apf/vnet/vnetgen: line 49: Pos: command not found
/etc/apf/vnet/vnetgen: line 50: ^X: command not found
/etc/apf/vnet/vnetgen: line 51: [: 149: binary operator expected
/etc/apf/vnet/vnetgen: line 52: ^G: command not found
/etc/apf/vnet/vnetgen: line 53: Pos: command not found
/etc/apf/vnet/vnetgen: line 54: ^X: command not found
/etc/apf/firewall: line 3: [: 149: binary operator expected
/etc/apf/firewall: line 4: ^G: command not found
/etc/apf/firewall: line 5: Pos: command not found
/etc/apf/firewall: line 6: ^X: command not found
/etc/apf/firewall: line 7: [: 149: binary operator expected
/etc/apf/firewall: line 8: ^G: command not found
/etc/apf/firewall: line 9: Pos: command not found
/etc/apf/firewall: line 10: ^X: command not found
/etc/apf/firewall: line 11: [: 149: binary operator expected
/etc/apf/firewall: line 12: ^G: command not found
/etc/apf/firewall: line 13: Pos: command not found
/etc/apf/firewall: line 14: ^X: command not found
/etc/apf/firewall: line 15: [: 149: binary operator expected
/etc/apf/firewall: line 16: ^G: command not found
/etc/apf/firewall: line 17: Pos: command not found
/etc/apf/firewall: line 18: ^X: command not found
/etc/apf/firewall: line 19: [: 149: binary operator expected
/etc/apf/firewall: line 20: ^G: command not found
/etc/apf/firewall: line 21: Pos: command not found
/etc/apf/firewall: line 22: ^X: command not found
/etc/apf/firewall: line 23: [: 149: binary operator expected
/etc/apf/firewall: line 24: ^G: command not found
/etc/apf/firewall: line 25: Pos: command not found
/etc/apf/firewall: line 26: ^X: command not found
/etc/apf/firewall: line 27: [: 149: binary operator expected
/etc/apf/firewall: line 28: ^G: command not found
/etc/apf/firewall: line 29: Pos: command not found
/etc/apf/firewall: line 30: ^X: command not found
/etc/apf/firewall: line 31: [: 149: binary operator expected
/etc/apf/firewall: line 32: ^G: command not found
/etc/apf/firewall: line 33: Pos: command not found
/etc/apf/firewall: line 34: ^X: command not found
/etc/apf/firewall: line 35: [: 149: binary operator expected
/etc/apf/firewall: line 36: ^G: command not found
/etc/apf/firewall: line 37: Pos: command not found
/etc/apf/firewall: line 38: ^X: command not found
/etc/apf/firewall: line 39: [: 149: binary operator expected
/etc/apf/firewall: line 40: ^G: command not found
/etc/apf/firewall: line 41: Pos: command not found
/etc/apf/firewall: line 42: ^X: command not found
/etc/apf/firewall: line 43: [: 149: binary operator expected
/etc/apf/firewall: line 44: ^G: command not found
/etc/apf/firewall: line 45: Pos: command not found
/etc/apf/firewall: line 46: ^X: command not found
/etc/apf/firewall: line 47: [: 149: binary operator expected
/etc/apf/firewall: line 48: ^G: command not found
/etc/apf/firewall: line 49: Pos: command not found
/etc/apf/firewall: line 50: ^X: command not found
/etc/apf/firewall: line 51: [: 149: binary operator expected
/etc/apf/firewall: line 52: ^G: command not found
/etc/apf/firewall: line 53: Pos: command not found
/etc/apf/firewall: line 54: ^X: command not found
Biowaste XP
10-31-2003, 02:19 PM
Never mind. I reinstalled it and got it working perfectly. Thanks for your help!