Why IPTables is important?

Alex.Arlong
Posts: 2
Joined: 2016/02/25 05:42:32

Why IPTables is important?

Post by Alex.Arlong » 2016/02/25 05:50:49

Hello,
I have a game server hosting company and we turn off iptables because game servers need too many open ports and it would be hard work to configure this.
Is iptables really important? If yes, why?

TrevorH
Forum Moderator
Posts: 27438
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Why IPTables is important?

Post by TrevorH » 2016/02/25 08:34:10

It's important because it stops the other 4 billion people on the internet from having access to the parts of your server that you do not want them to have access to! Don't run without it.
CentOS 6 will die in November 2020 - migrate sooner rather than later!
CentOS 5 has been EOL for nearly 3 years and should no longer be used for anything!
Full time Geek, part time moderator. Use the FAQ Luke

Alex.Arlong
Posts: 2
Joined: 2016/02/25 05:42:32

Re: Why IPTables is important?

Post by Alex.Arlong » 2016/02/25 12:24:07

But iptables does not stop DDoS attacks, not even the small ones.
Can you explain or expand what you mean please?

TrevorH
Forum Moderator
Posts: 27438
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Why IPTables is important?

Post by TrevorH » 2016/02/25 14:51:41

Without iptables, anyone can access any of the network services on your machine.

dmunk
Posts: 37
Joined: 2016/03/16 03:33:49

Re: Why IPTables is important?

Post by dmunk » 2016/03/20 16:31:14

Hello,

I would like to make a suggestion. You should invest in the following book:

http://www.cipherdyne.org/LinuxFirewalls/ch01/

If you are running a game server (any exposed server for that matter), you'll get the best results using the following policy:

1. What is it you wish to allow others to connect to? Example:
-- Who can access ssh? Admin only, connecting from one CIDR range or country block?
-- What does an active session look like to iptables? This will help you create a meaningful rate limiting rule for a given service. You can find many examples on how to rate limit online. The trick is knowing what the limits should be.


2. Take a look at DenyHosts. Keep in mind that this will really only work for ssh. It sounds more like your game service is what is seeing the DDoS. Not enough info to say for sure.

3. Research /etc/hosts.allow and /etc/hosts.deny. If your service is built against libwrap, you'll be able to control some access here. Be careful though, you can lock yourself out very easily with this (and iptables).

If you are seeing a DDoS attack, what type of attack? UDP? TCP? What do the packets look like? Is it a packet flood, or is it calling a file on Apache that does not exist? Lots of ways to "DDoS" a server. Your trick will be being able to say how it is happening and then filtering traffic according to what you find. Logic: a DDoS can either use all bandwidth, cause an inode issue by consuming all available file descriptors, use all available sockets for inet, etc. You'll have to take a look at the attack rather than look for a "one size fits all" fix.

You will most likely need to work with your upstream provider in getting a filter in place if you're seeing a major attack as well.

Hope this helps in some way.

dmunk
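As an added illustration of the policy dmunk describes above (this is not code from the thread or from any of its posters), here is a default-deny iptables ruleset for an exposed game host: SSH is allowed only from the admin CIDR, the game port is rate-limited per source address before being accepted, and everything else falls through to the DROP policy. All concrete values are constructed for the example: 203.0.113.0/24 is a documentation range standing in for the admin network, and 27015/udp stands in for the game service. The script prints the commands by default (DRY_RUN=1) so the ruleset can be reviewed before it is applied; run it as root with DRY_RUN=0 to apply.

```shell
#!/bin/sh
# Added example: default-deny iptables policy for an exposed game host.
# Assumed values (constructed, not from the thread): admin network
# 203.0.113.0/24, SSH on 22/tcp, game service on 27015/udp.
# DRY_RUN=1 (default) prints the iptables commands instead of running them.

ADMIN_CIDR="${ADMIN_CIDR:-203.0.113.0/24}"   # assumption: where admins SSH from
SSH_PORT="${SSH_PORT:-22}"
GAME_PORT="${GAME_PORT:-27015}"               # assumption: the game service port
GAME_RATE="${GAME_RATE:-200/sec}"             # per-source packet ceiling (a guess)
GAME_BURST="${GAME_BURST:-400}"
DRY_RUN="${DRY_RUN:-1}"

# Wrapper: echo the rule in dry-run mode, otherwise hand it to iptables.
ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

apply_policy() {
    # Clean INPUT chain and deny-by-default policies on the filter table.
    ipt -F INPUT
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT ACCEPT

    # Loopback, plus replies to connections this host initiated.
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    ipt -A INPUT -m conntrack --ctstate INVALID -j DROP

    # SSH: new connections only from the admin range. Anyone else hits the
    # DROP policy, which is what keeps the other 4 billion hosts out.
    ipt -A INPUT -p tcp --dport "$SSH_PORT" -s "$ADMIN_CIDR" \
        -m conntrack --ctstate NEW -j ACCEPT

    # Game port: sources that exceed the per-address rate are dropped first;
    # the remaining traffic to the game port is accepted.
    ipt -A INPUT -p udp --dport "$GAME_PORT" -m hashlimit \
        --hashlimit-name game --hashlimit-mode srcip \
        --hashlimit-above "$GAME_RATE" --hashlimit-burst "$GAME_BURST" -j DROP
    ipt -A INPUT -p udp --dport "$GAME_PORT" -j ACCEPT

    # Log a sample of what falls through, so dropped traffic can be inspected
    # in the kernel log when diagnosing a flood.
    ipt -A INPUT -m limit --limit 5/min -j LOG --log-prefix "IPT-DROP:"
}

apply_policy
```

When a game server really does need many ports, `-m multiport --dports` on the accept rule keeps the list to one line per protocol rather than one rule per port. The rate and burst values are placeholders: as the post says, the trick is knowing what an active session looks like for your service, so measure a normal client first and set the ceiling above that.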
