Results 1 to 4 of 4
  1. #1

    Does apf firewall actually do anything for security?

    I'm talking about just APF firewall, not the brute force add-on etc. From what I understand it mainly just provides an easy interface to IPtables right, to easily ban IPs? Thinking of disabling it if it doesn't do much actively for security, since it seems to be causing some problems.

    Thanks,

  2. #2
    Join Date
    Mar 2005
    Location
    Sydney, Australia
    Posts
    76
    It also provides some proc/sysctl hacks that are quite handy.
    http://magi.net.au - Development / rant blog for coders, *nix admins, unoffical cpanel and whatnot.
    Server administration / Emergency work / Security handling available on request - private message/email for quote or more information

  3. #3
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    yes but you could just add those sysctl hacks to sysctl.conf and sysctl -p and call it a day. Over all i would say it doesnt do alot for security. Sure you are blocking uneeded ports etc, but there has to be other things in place for it to be worth while.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  4. #4
    apf is indeed useful. It is an easy way to configure iptables, furthermore you can do hosts.deny/allow things within it as well. Whereas if you block all ports, you can specify specific ips to access those resources.
    Linux VPS Hosting
    Fully Managed VPS, Dedicated And Reseller Solutions.
    Host Unlimited Domains

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •