Archive for the ‘Network Security’ Category

The Linux kernel has a number of built-in protection mechanisms. You can activate them by setting kernel parameters (the ones exposed under the /proc/sys filesystem) in the /etc/sysctl.conf file.

taufanlubis@zyrex:/etc$ sudo gedit sysctl.conf

Just remove the leading ‘#’ to activate a parameter.


Content of sysctl.conf:


# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.

#kernel.domainname = example.com

# the following stops low-level messages on console
kernel.printk = 4 4 1 7

# Functions previously found in netbase

# Uncomment the next line to enable Spoof protection (reverse-path filter)

# Uncomment the next line to enable TCP/IP SYN cookies

# Uncomment the next line to enable packet forwarding for IPv4

# Uncomment the next line to enable packet forwarding for IPv6


A brief explanation to make it clearer:

  • Disable routing triangulation: respond to queries out of the same interface they arrived on, not another one. This helps maintain state and also protects against IP spoofing.

  • Turn on protection from Denial of Service (DoS) attacks.

  • Enable IP routing. Required if your firewall is protecting a network, NAT included.

  • Disable responding to ping broadcasts.
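As an added example (not code from the original post), here is a small POSIX shell audit that reads a sysctl.conf-style file the way sysctl -p does (comments stripped, last assignment wins) and reports which of the protections described above are actually switched on. The sysctl key names are real kernel parameters; the sample file content is constructed for the example, in the shape of the Ubuntu file shown above.

```shell
#!/bin/sh
# Added example, not from the original post: audit a sysctl.conf-style file
# against a small hardening baseline. The keys are real Linux sysctl names;
# the sample file content below is constructed for this example.

# Print the effective value of KEY in FILE. The last active (uncommented)
# assignment wins, which is how `sysctl -p` applies the file; nothing is
# printed when the key is absent or only present as a commented-out line.
sysctl_conf_value() {
    local file="$1"
    local key="$2"
    sed -e 's/[#;].*$//' "$file" | awk -F= -v k="$key" '
        { gsub(/^[ \t]+|[ \t]+$/, "", $1) }
        $1 == k { v = $2; gsub(/^[ \t]+|[ \t]+$/, "", v); found = 1 }
        END { if (found) print v }'
}

# Baseline in key=expected form: reverse-path filter, SYN cookies and
# ignoring ping broadcasts, the "enable" settings the explanation above
# describes. Packet forwarding is deliberately not in the baseline: it
# should stay off unless the machine is a gateway.
SYSCTL_BASELINE='
net.ipv4.conf.default.rp_filter=1
net.ipv4.tcp_syncookies=1
net.ipv4.icmp_echo_ignore_broadcasts=1
'

# Audit FILE against the baseline: one PASS/MISS line per key, and the
# number of misses as the return status (0 means everything is set).
audit_sysctl_conf() {
    local file="$1"
    local misses=0
    local entry key want have
    for entry in $SYSCTL_BASELINE; do
        key=${entry%%=*}
        want=${entry#*=}
        have=$(sysctl_conf_value "$file" "$key")
        if [ "$have" = "$want" ]; then
            echo "PASS $key=$have"
        else
            echo "MISS $key (want $want, file has '${have:-unset}')"
            misses=$((misses + 1))
        fi
    done
    return "$misses"
}

# Constructed sample: rp_filter has been uncommented, SYN cookies and IPv4
# forwarding are still commented out, as on a freshly installed system.
SAMPLE_SYSCTL_CONF=$(mktemp)
trap 'rm -f "$SAMPLE_SYSCTL_CONF"' EXIT
cat > "$SAMPLE_SYSCTL_CONF" <<'EOF'
# /etc/sysctl.conf - Configuration file for setting system variables
# the following stops low-level messages on console
kernel.printk = 4 4 1 7
# Uncomment the next line to enable Spoof protection (reverse-path filter)
net.ipv4.conf.default.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
EOF

audit_sysctl_conf "$SAMPLE_SYSCTL_CONF" || echo "$? setting(s) still need attention"
```

To check a real machine, call audit_sysctl_conf /etc/sysctl.conf. Keep in mind that the file only describes what is applied at boot or on the next sysctl -p; the value the kernel is using right now is the one under /proc/sys, so a clean audit of the file does not by itself prove the protection is live.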




IP address

Every house or office is identified by a postal address. When you send a postcard to someone, you just write down the address and the postman delivers it. It is the same with a machine: it has a unique address called an IP (Internet Protocol) address. When your machine sends data to another machine, it sets that machine's IP address as the destination.


My IP address is 192.168.0

If you look at the number above, there are four parts separated by 3 dots. Each of those parts is one byte, written as a decimal number.


Is that all we need to make our computer talk to another computer?

If we did it that way, there would not be enough IP addresses for all the computers in the world.

Then what is the trick?

All the connected computers are grouped. Such a group is what we know as a LAN (Local Area Network). All these LANs are then connected into one big network called the Internet. We may say that a minimal Internet is two connected LANs, and that we are only a small subset of the entire network (the Internet).


Communicating with a computer in a different LAN.

When you send data to another computer, your computer first checks, “Am I in the same local network (or group, as I called it before) as the destination?” The computer cannot answer this unless it has another parameter, named the ‘netmask’.

Your computer will say:

“If I am in the same network as the destination computer that I want to send my data to, then I can continue the process.”

That means the “netmask” is used to set the range of IP addresses that can be reached directly.


How does the combination of IP address and netmask set the range of IP addresses?

A netmask consists of 4 bytes and is written as decimal numbers, just like an IP address.

A 255 in the netmask says that the corresponding byte of your IP address must be the same as the other computer's; with 255 in the first three positions, your first, second and third bytes must match the other computer's.


So, the range will be:

Your IP:


Your range: – (see that the 3 bytes from left to right are the same).


You IP:


Your range: – (see that the 2 bytes from left to right are the same).

In a stand-alone network, the netmask must be the same on every machine and all IP addresses must be in the same range.

PC-A IP: Netmask:

PC-B IP: Netmask:

PC-C IP: Netmask:


If PC-A does not have the same netmask and IP range as PC-B and PC-C, then PC-A will see the network differently from them.

PC-A IP: Netmask:

PC-B IP: Netmask:

PC-C IP: Netmask:

PC-A can see PC-B and PC-C, but PC-B and PC-C can’t see PC-A.

That means PC-A cannot communicate with PC-B and PC-C.


The error message will be:

taufanlubis@zyrex:~$ ping

connect: Network is unreachable
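The “am I in the same network?” test described above, as an added POSIX shell example (not code from the original post): the sender masks both its own address and the destination with its own netmask and compares the two results. The addresses for PC-A and PC-B are constructed so that PC-A uses a wider netmask than PC-B, which reproduces the one-sided view the post describes, where one side treats the other as local but not the other way round.

```shell
#!/bin/sh
# Added example, not from the original post: the "same network?" decision a
# host makes from its IP address and netmask. All addresses are constructed.

# Dotted-quad IPv4 address -> 32-bit integer (e.g. 192.168.0.10 -> 3232235530).
# Fails on anything that is not four parts, such as a truncated "192.168.0".
ip_to_int() {
    old_ifs=$IFS
    IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "ip_to_int: expected a.b.c.d, got '$*'" >&2; return 1; }
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Network address of IP under MASK: the bytes the mask keeps (255) must
# match between two hosts, the bytes it clears (0) are free to differ.
network_of() {
    int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") ))
}

# Range of addresses IP can reach directly under MASK, printed "first - last".
range_of() {
    ip=$(ip_to_int "$1") || return 1
    mask=$(ip_to_int "$2") || return 1
    echo "$(int_to_ip $(( ip & mask ))) - $(int_to_ip $(( ip | (~mask & 4294967295) )))"
}

# The sender's test: is DST_IP inside the network that SRC_IP/SRC_MASK defines?
# Exit status 0 means "same local network", 1 means "needs a router".
is_local_destination() {
    [ "$(network_of "$1" "$2")" = "$(network_of "$3" "$2")" ]
}

# Constructed addresses: PC-A's mask is wider than PC-B's, so PC-A treats
# PC-B as local while PC-B does not treat PC-A as local (one-sided view).
PC_A_IP=10.0.0.5;  PC_A_MASK=255.0.0.0
PC_B_IP=10.1.2.3;  PC_B_MASK=255.255.255.0

echo "PC-A reaches $(range_of "$PC_A_IP" "$PC_A_MASK") directly"
echo "PC-B reaches $(range_of "$PC_B_IP" "$PC_B_MASK") directly"
if is_local_destination "$PC_A_IP" "$PC_A_MASK" "$PC_B_IP"; then
    echo "PC-A: PC-B is on my local network"
fi
if is_local_destination "$PC_B_IP" "$PC_B_MASK" "$PC_A_IP"; then
    echo "PC-B: PC-A is on my local network"
else
    echo "PC-B: PC-A is not on my local network, so a reply needs a route"
fi
```

The asymmetry is the practical point: a host only ever applies its own netmask, so a mismatched mask on one machine does not produce an error on that machine; it shows up on the other side, or as the unreachable-network error shown above when no route exists at all.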




Forget about typing firewall commands in the Linux shell.
Firestarter is a modern Linux firewall front end. You can have a firewall up and running in minutes.

A Firestarter 1.0 package is now available for Debian, which means you can install it on Ubuntu as well.

Before you start to install it, make sure the ‘universe’ repository is enabled in the /etc/apt/sources.list file or in Synaptic under Settings > Repositories.

Then type sudo apt-get install firestarter in your console.


Key Features

  • Open Source software, available free of charge
  • Easy to use graphical interface
  • Suitable for use on desktops, servers and gateways
  • Enables Internet connection sharing
  • Allows you to define both inbound and outbound access policy
  • Option to whitelist or blacklist traffic
  • Sets up DHCP for a local network
  • Real time firewall events view
  • View active network connections, including any traffic routed through the firewall
  • Advanced Linux kernel tuning features

source: http://www.fs-security.com/


Internet connection sharing setup

Internet connection sharing allows several machines to access the Internet through a single network connection. This method is called NAT (Network Address Translation).

If you want to use NAT, you need at least two network devices in your machine. If you only have one device, you can’t enable Internet connection sharing from Firewall > Run Wizard.

You can enable both NAT and DHCP via Run Wizard without configuring anything by hand.

To outsiders, your PCs appear as a single machine with a single IP address.


Firestarter Policy

Inbound traffic Policy -> control incoming traffic from the internet and LAN to the firewall.

Outbound traffic Policy -> control outgoing traffic to the internet from the firewall and any LAN clients.


Enabling the DHCP Service

Firestarter does not itself include a DHCP server; it depends on the underlying system to provide this feature. If no DHCP server binary is detected on the system, the DHCP controls remain inactive. You can install one with the command: taufanlubis@zyrex:~$ sudo apt-get install dhcp


Launching Firestarter minimized to the tray on login

Open session screen:

System > Preferences > Sessions

click Startup Program tab

click New button.

Type firestarter in the Name text box and sudo firestarter --start-hidden in the Command field, then press Enter.

