Step 1: Retrieve the Iptables firewall:
Iptables is pre-installed on almost every Linux distribution. If it is missing on a Debian-based system, you can use this command to install the package: sudo apt-get install iptables
Step 2: Discover what Iptables is already configured to do by default:
Run the iptables -L command
Step 3: You can decide to modify the existing rules or instead start afresh:
To start afresh, run this command, which flushes (deletes) all existing rules:
iptables -F
Step 4: Decide which firewall ports to close:
First, block these common kinds of attack traffic by running the following commands:
Block XMAS packets: iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
Block null packets: iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
Block syn-flood packets: iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
Step 5: Decide which firewall ports to leave open:
Here are some ports you could decide to leave open:
For outgoing connections:
80/tcp for HTTP
53/udp for DNS
443/tcp for HTTPS (secured HTTP)
21/tcp for FTP (File Transfer Protocol)
465/tcp for SMTP (send emails)
25/tcp for Insecure SMTP
22/tcp for SSH (secure connection from computer to computer)
993/tcp&udp for IMAP (receive emails)
143/tcp&udp for Insecure IMAP
9418/tcp for GIT (version control system)
For Incoming connections:
993/tcp&udp for IMAP (receive emails)
143/tcp&udp for Insecure IMAP
110/tcp for POP3 (old way to receive emails)
22/tcp for SSH (secure connection from computer to computer)
9418/tcp for GIT (version control system)
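The sketch below is an added example, not part of the original guide. It turns the step 4 drop rules and a chosen subset of the step 5 ports into one ruleset in iptables-restore format. The default-DROP policies, the loopback and ESTABLISHED,RELATED accept rules, and the function names emit_accepts and build_ruleset are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original page. Assumptions: default-DROP
# policies, loopback and ESTABLISHED,RELATED accepts, helper names.

# emit_accepts CHAIN SPEC...   SPEC is PORT/PROTO as in step 5, e.g. 22/tcp
emit_accepts() {
    chain=$1; shift
    for spec in "$@"; do
        port=${spec%%/*}; proto=${spec#*/}
        case $port in
            ''|*[!0-9]*|??????*) echo "bad port: $spec" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $spec" >&2; return 1
        fi
        case $proto in
            tcp|udp) ;;
            *) echo "bad protocol: $spec" >&2; return 1 ;;
        esac
        echo "-A $chain -p $proto --dport $port -j ACCEPT"
    done
}

# build_ruleset "IN_SPECS" "OUT_SPECS"   (space-separated PORT/PROTO lists)
build_ruleset() {
    # $1 and $2 are left unquoted on purpose so each list splits into words.
    in_rules=$(emit_accepts INPUT $1) || return 1
    out_rules=$(emit_accepts OUTPUT $2) || return 1
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT DROP [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A OUTPUT -o lo -j ACCEPT'
    # Step 4 drops come before any ACCEPT for remote traffic.
    echo '-A INPUT -p tcp --tcp-flags ALL ALL -j DROP'
    echo '-A INPUT -p tcp --tcp-flags ALL NONE -j DROP'
    echo '-A INPUT -p tcp ! --syn -m state --state NEW -j DROP'
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    echo '-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    if [ -n "$in_rules" ]; then echo "$in_rules"; fi
    if [ -n "$out_rules" ]; then echo "$out_rules"; fi
    echo 'COMMIT'
}

# Sample call with ports taken from the step 5 lists.
build_ruleset "22/tcp 993/tcp" "53/udp 80/tcp 443/tcp"
```

Running the script only prints the ruleset. As root, the output can be piped to iptables-restore --test to check that it parses before it is loaded.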
Step 6: Save your firewall configuration
Type the following command to save the settings you’ve configured and
restart your firewall: