By: timbobker

ubuntu 12.04 - iptables - are these secure

May 3, 2014
I have created my iptables in ubuntu 12.04 and activated fail2ban. Can someone please just let me know if my iptables are secure or if I am missing anything / need to change anything. I have replaced the actual port number for ssh with [port number]

Chain INPUT (policy ACCEPT)
target        prot opt source    destination
fail2ban-ssh  tcp  --  anywhere  anywhere    multiport dports [port number]
ACCEPT        all  --  anywhere  anywhere
REJECT        all  --  anywhere  loopback/8  reject-with icmp-port-unreachable
ACCEPT        all  --  anywhere  anywhere    state RELATED,ESTABLISHED
ACCEPT        tcp  --  anywhere  anywhere    tcp dpt:http
ACCEPT        tcp  --  anywhere  anywhere    tcp dpt:https
ACCEPT        tcp  --  anywhere  anywhere    state NEW tcp dpt:[port number]
ACCEPT        icmp --  anywhere  anywhere    icmp echo-request
LOG           all  --  anywhere  anywhere    limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: "
REJECT        all  --  anywhere  anywhere    reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target        prot opt source    destination
REJECT        all  --  anywhere  anywhere    reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target        prot opt source    destination
ACCEPT        all  --  anywhere  anywhere

Chain fail2ban-ssh (1 references)
target        prot opt source    destination
RETURN        all  --  anywhere  anywhere
1 Answer
Looks fine to me. But I don't know what services you're running, so you could check what ports are open and see if you need to close/whitelist any:
sudo netstat -plutn

Ports on 127.0.0.1 are fine since they can only be accessed from the droplet itself.
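
The check suggested in the answer, as an added example that is not part of the original thread: it reads `netstat -plutn` output and marks each listener as loopback-only, accepted by the INPUT chain from the question, or falling through to its final REJECT. The sample netstat output is constructed, port 2222 stands in for the redacted [port number], and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify listeners from `netstat -plutn` against the TCP
# ports the INPUT chain accepts. Not code from the original thread.

# Constructed sample output; 2222 stands in for the redacted [port number].
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1033/nginx
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      950/mysqld
tcp        0      0 0.0.0.0:6379            0.0.0.0:*               LISTEN      977/redis-server
tcp6       0      0 :::443                  :::*                    LISTEN      1033/nginx
udp        0      0 0.0.0.0:68              0.0.0.0:*                           640/dhclient
EOF
}

# classify_listeners "80 443 2222" < netstat-output
# Prints one line per listener: <status> <proto> <addr:port> <pid/program>
#   local   - bound to loopback only
#   allowed - TCP port that the INPUT chain accepts
#   blocked - bound to a reachable address, but no ACCEPT rule matches it
classify_listeners() {
  awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 !~ /^(tcp|udp)6?$/ { next }            # skip the two header lines
    $1 ~ /^tcp/ && $6 != "LISTEN" { next }     # TCP: listening sockets only
    {
      addr = $4; port = addr; sub(/.*:/, "", port)   # port follows the last colon
      host = substr(addr, 1, length(addr) - length(port) - 1)
      if (host ~ /^127\./ || host == "::1")     status = "local"
      else if ($1 ~ /^tcp/ && (port in ok))     status = "allowed"
      else                                      status = "blocked"
      print status, $1, addr, $NF               # UDP rows have no State column
    }'
}

# Live use: sudo netstat -plutn | classify_listeners "80 443 <ssh port>"
sample_netstat | classify_listeners "80 443 2222"
```

A "blocked" listener is a candidate to stop or rebind to 127.0.0.1 rather than leave dependent on the firewall alone. The ruleset in the question is IPv4 only, so tcp6/udp6 listeners need the same comparison against `ip6tables -L`.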