How to install Firewall and which one?

7 posts / 0 new
Last post
#1 Fri, 04/15/2011 - 09:27
yaminz66

How to install Firewall and which one?

Hi

I have got Virtualmin/Webmin on a Centos server. Can anyone advise the best firewall to install and how?

I am rather new to this.

Regards

Yamin

Fri, 04/15/2011 - 10:37
andreychek

Howdy,

You don't need a firewall on your server. However, if you wish to use one, Webmin has the ability to configure one in Webmin -> Networking -> Linux Firewall.

-Eric

Fri, 04/15/2011 - 12:00
Locutus

Hmm, I think it is a matter of taste if you want to have a firewall on your server or not, hence, if you "need" one. :)

I myself - using VMWare ESXi - don't have one on the server VMs, but I have an upstream router/firewall in form of a virtual PFSense which performs all connectivity for the servers.

If you don't have the opportunity to use an external firewall, and wish to have one on your server, the Linux built-in one (named "iptables") is the easiest way to go. Like Eric said, Webmin has a nice module to configure that. For simple firewall purposes, you won't need more that that. :)

Tue, 05/03/2011 - 06:22
yaminz66

Hi

Someone else said in another thread that most of the threats come from vulnerabilties in software, so best keep webserver/os upto date. If I run yumupdate is that enough? Or is there facility in webmin/virtmin to keep the system updated?

Regards

Yamin

Tue, 05/03/2011 - 09:29
andreychek

Running "yum update" is a good way to keep your system up to date.

You can also do all that via Virtualmin by going to the System Information screen. In the top-most section named "System" is a line called "Package updates". You can use that to perform system updates, as well as optionally configure email notifications to let you know when packages are available.

-Eric

Tue, 05/03/2011 - 16:10
Locutus

Yeah, I agree that keeping software up to date is more important than a firewall. If you have a flawed web server, then a firewall, which naturally allows its port through, is not gonna help. :)

And don't forget that - in addition to OS packages - you need to keep websites (PHP etc.) up to date! Many vulnerabilities that can lead to hacked systems occur in the website scripts themselves.

Thu, 05/05/2011 - 08:33
yaminz66

Hi

Thanks for your input that was very helpful

Yamin

Topic locked