IPFW How to protect

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 8,931
Messages: 33,327

Every OS is the same. Do NOT use easily guessed user accounts. Do NOT use easily guessed passwords. Do NOT reuse passwords (using the same password for everything).

Most of the "hacks" these days happen because people use easily guessed passwords. There are literately hundreds (if not thousands) of bots scanning the internet every minute. They're continuously looking, prodding and trying those easy to guess accounts and passwords.
 

mjollnir

Well-Known Member

Reaction score: 86
Messages: 274

A way to create and remember good passwords: Use the initial characters/letters of an easy to remember sentence. E.g. "my mother's birthday is January, 13th" -> password: mmbiJ13th
 

jomonger

Member

Reaction score: 14
Messages: 41

Standard bot vector attacks are SQL injection and admin panels for things like wordpress, myphpadmin etc. If you have huge priviliges for database user they can quite easy run commands on your os (PLSQL).

If you have unsecure SQL input on hosting like aws you will get hacked within week. If its not easy password, then it propably is not OS hack.
 
OP
F

Franklin

New Member


Messages: 9

Every OS is the same. Do NOT use easily guessed user accounts. Do NOT use easily guessed passwords. Do NOT reuse passwords (using the same password for everything).

Most of the "hacks" these days happen because people use easily guessed passwords. There are literately hundreds (if not thousands) of bots scanning the internet every minute. They're continuously looking, prodding and trying those easy to guess accounts and passwords.
Is MAC OS the same question?
 

rashey

New Member


Messages: 2

My system was hacked and crashed
How to protect

Please step by step
First of all keep your software up to date, ipfw was vulnerable among others to CVE-2019-5614.

Stop all services you don't use, close all ports you don't need or make proper firewall rules to restrict access if possible.
 

mjollnir

Well-Known Member

Reaction score: 86
Messages: 274

My system was hacked and crashed
How to protect

Please step by step
A "real" firewall setup with a manageable switch, packet filter firewall-host, DMZ (de-militarized zone) & service host in the DMZ. On that host, run all services jailed or in VMs (bhyve(8)). Secure it with ipfw(8) (see /etc/rc.firewall) or pf(4) (beware pf is different...). Strictly speaking, some services (e.g. DB for a web application) should be on their own physical host, a VM is not enough. The packet filter firewall-host and the services host (inside the DMZ) must be physically separate machines (in any case). Physically sepatate the networks for management and ordinary traffic, some also have a dedicated machine (terminal) for network management. Install a virus scanner at least on the services host, integrate that into mail and web/FTP proxy. Best practice is to have a socks gateway/proxy, espc. if you need to access the internet e.g. with SSH. Consider one of the FreeBSD-based firewall "distros" for the packet filter.
 
Top