
UFW - how to make this easier, and what are "stealth" ports in UFW?

Let me show you 2 hours of wasted time.

To                         Action      From
--                         ------      ----
22                         REJECT      Anywhere
23/tcp                     REJECT      Anywhere
79/tcp                     REJECT      Anywhere
25/tcp                     REJECT      Anywhere
43/tcp                     REJECT      Anywhere
49                         REJECT      Anywhere
21/tcp                     REJECT      Anywhere
110                        REJECT      Anywhere
115/tcp                    REJECT      Anywhere
39/udp                     REJECT      Anywhere
143                        REJECT      Anywhere
161                        REJECT      Anywhere
199                        REJECT      Anywhere
209                        REJECT      Anywhere
213                        REJECT      Anywhere
530/tcp                    REJECT      Anywhere
389                        REJECT      Anywhere
444                        REJECT      Anywhere
465/tcp                    REJECT      Anywhere
512/udp                    REJECT      Anywhere
513/udp                    REJECT      Anywhere
514/tcp                    REJECT      Anywhere
514/udp                    REJECT      Anywhere
540/tcp                    REJECT      Anywhere
554                        REJECT      Anywhere
556/tcp                    REJECT      Anywhere
623/udp                    REJECT      Anywhere
706                        REJECT      Anywhere
88                         REJECT      Anywhere
990/tcp                    REJECT      Anywhere
994                        REJECT      Anywhere
995                        REJECT      Anywhere
993                        REJECT      Anywhere
130/tcp                    REJECT      Anywhere
130/udp                    REJECT      Anywhere
131/udp                    REJECT      Anywhere
132/udp                    REJECT      Anywhere
133/udp                    REJECT      Anywhere
134/udp                    REJECT      Anywhere
135/udp                    REJECT      Anywhere
136/udp                    REJECT      Anywhere
137/udp                    REJECT      Anywhere
138/udp                    REJECT      Anywhere
139/udp                    REJECT      Anywhere
139/tcp                    REJECT      Anywhere
138/tcp                    REJECT      Anywhere
137/tcp                    REJECT      Anywhere
136/tcp                    REJECT      Anywhere
135/tcp                    REJECT      Anywhere
134/tcp                    REJECT      Anywhere
133/tcp                    REJECT      Anywhere
132/tcp                    REJECT      Anywhere
131/tcp                    REJECT      Anywhere
22 (v6)                    REJECT      Anywhere (v6)
23/tcp (v6)                REJECT      Anywhere (v6)
79/tcp (v6)                REJECT      Anywhere (v6)
25/tcp (v6)                REJECT      Anywhere (v6)
43/tcp (v6)                REJECT      Anywhere (v6)
49 (v6)                    REJECT      Anywhere (v6)
21/tcp (v6)                REJECT      Anywhere (v6)
110 (v6)                   REJECT      Anywhere (v6)
115/tcp (v6)               REJECT      Anywhere (v6)
39/udp (v6)                REJECT      Anywhere (v6)
143 (v6)                   REJECT      Anywhere (v6)
161 (v6)                   REJECT      Anywhere (v6)
199 (v6)                   REJECT      Anywhere (v6)
209 (v6)                   REJECT      Anywhere (v6)
213 (v6)                   REJECT      Anywhere (v6)
530/tcp (v6)               REJECT      Anywhere (v6)
389 (v6)                   REJECT      Anywhere (v6)
444 (v6)                   REJECT      Anywhere (v6)
465/tcp (v6)               REJECT      Anywhere (v6)
512/udp (v6)               REJECT      Anywhere (v6)
513/udp (v6)               REJECT      Anywhere (v6)
514/tcp (v6)               REJECT      Anywhere (v6)
514/udp (v6)               REJECT      Anywhere (v6)
540/tcp (v6)               REJECT      Anywhere (v6)
554 (v6)                   REJECT      Anywhere (v6)
556/tcp (v6)               REJECT      Anywhere (v6)
623/udp (v6)               REJECT      Anywhere (v6)
706 (v6)                   REJECT      Anywhere (v6)
88 (v6)                    REJECT      Anywhere (v6)
990/tcp (v6)               REJECT      Anywhere (v6)
994 (v6)                   REJECT      Anywhere (v6)
995 (v6)                   REJECT      Anywhere (v6)
993 (v6)                   REJECT      Anywhere (v6)
130/tcp (v6)               REJECT      Anywhere (v6)
130/udp (v6)               REJECT      Anywhere (v6)
131/udp (v6)               REJECT      Anywhere (v6)
132/udp (v6)               REJECT      Anywhere (v6)
133/udp (v6)               REJECT      Anywhere (v6)
134/udp (v6)               REJECT      Anywhere (v6)
135/udp (v6)               REJECT      Anywhere (v6)
136/udp (v6)               REJECT      Anywhere (v6)
137/udp (v6)               REJECT      Anywhere (v6)
138/udp (v6)               REJECT      Anywhere (v6)
139/udp (v6)               REJECT      Anywhere (v6)
139/tcp (v6)               REJECT      Anywhere (v6)
138/tcp (v6)               REJECT      Anywhere (v6)
137/tcp (v6)               REJECT      Anywhere (v6)
136/tcp (v6)               REJECT      Anywhere (v6)
135/tcp (v6)               REJECT      Anywhere (v6)
134/tcp (v6)               REJECT      Anywhere (v6)
133/tcp (v6)               REJECT      Anywhere (v6)
132/tcp (v6)               REJECT      Anywhere (v6)
131/tcp (v6)               REJECT      Anywhere (v6)

Then I installed fail2ban. I did all of this by hand from the wiki's list of ports and typed in every single reject command!

I still missed another 60000.

P3nT3stLearner

Almost all access lists end with a deny all all by default.

When you enable ufw, everything except the allow rules is in a deny state.

Status: active

To                         Action      From
--                         ------      ----
69                         ALLOW       Anywhere
53                         ALLOW       Anywhere
22                         ALLOW       213.xxx.xxx.xxx
80/tcp                     ALLOW       194.247.xxx.xxx
21/tcp                     ALLOW       194.247.xxx.xxx
69 (v6)                    ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)

These rules accept everything on port 69 and port 53, ssh from 213.xxx.xxx.xxx, and 80 and 21 from 194.247.xxx.xxx ... and deny all other incoming traffic.

Edit 1

If you enable ufw with no rules, everything is deny.

The complete command for a ufw rule is

sudo ufw [--dry-run] [delete] [insert NUM] allow|deny|reject|limit [in|out on INTERFACE] [log|log-all] [proto protocol] [from ADDRESS [port PORT]] [to ADDRESS [port PORT]]

Based on this rule template, you can allow xxx.xxx.xxx.xxx on port 80 with these rules.

For a specific host:

sudo ufw allow proto tcp from xxx.xxx.xxx.xxx to any port 80

If you want to allow access to the web server from anywhere:

sudo ufw allow proto tcp from any to any port 80

If you want to allow access from a specific network:

sudo ufw allow proto tcp from xxx.xxx.xxx.xxx/yy to any port 80

where

xxx.xxx.xxx.xxx is the network address

yy is the network mask

If the server runs a DNS service, make rules for port 53 with both proto tcp and proto udp:

sudo ufw allow proto tcp from xxx.xxx.xxx.xxx/yy to any port 53
sudo ufw allow proto udp from xxx.xxx.xxx.xxx/yy to any port 53
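As an added example that is not part of the question or the answer above, the following Python script parses `ufw status` output like the two listings on this page and applies the answer's point mechanically: under a default deny incoming policy, every REJECT or DENY rule from Anywhere is redundant, so the long list in the question collapses to the handful of ALLOW rules in the answer. The two status texts are constructed copies of the page's listings (the question's is abridged); the regexes, the `Rule` class, the finding texts and the assumption that a status without a `Default:` line means ufw's shipped deny-incoming default are this example's own. It also flags which services are allowed from Anywhere and where the v4 and v6 rules for the same port disagree, which is the case for port 80 in the answer's listing. On the title's "stealth" question: ufw's reject replies to a probe (ICMP port-unreachable, or a TCP RST for tcp), while deny drops it silently.

```python
"""Lint `ufw status` output against a default-deny incoming policy."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: an abridged copy of the question's REJECT-everything ruleset.
QUESTION_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
22                         REJECT      Anywhere
23/tcp                     REJECT      Anywhere
139/udp                    REJECT      Anywhere
22 (v6)                    REJECT      Anywhere (v6)
23/tcp (v6)                REJECT      Anywhere (v6)
"""

# Constructed sample: the answer's allow-list ruleset, copied as shown on the page.
ANSWER_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
69                         ALLOW       Anywhere
53                         ALLOW       Anywhere
22                         ALLOW       213.xxx.xxx.xxx
80/tcp                     ALLOW       194.247.xxx.xxx
21/tcp                     ALLOW       194.247.xxx.xxx
69 (v6)                    ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
"""

# "Default: deny (incoming), ..." is only printed by `ufw status verbose`.
DEFAULT_RE = re.compile(r"^Default:\s*(\w+)\s*\(incoming\)")
# One rule row; verbose output adds an IN/OUT direction after the action.
RULE_RE = re.compile(
    r"^(?P<to>\S+(?: \(v6\))?)\s{2,}"
    r"(?P<action>ALLOW|DENY|REJECT|LIMIT)(?: (?:IN|OUT))?\s{2,}"
    r"(?P<src>.+?)\s*$"
)


@dataclass
class Rule:
    port: str
    proto: Optional[str]  # None: no /tcp or /udp qualifier, so the rule matches both
    ipv6: bool
    action: str
    src: str  # "Anywhere", a host address or a CIDR, with any " (v6)" suffix removed


def parse_status(text: str) -> Tuple[Optional[str], List[Rule]]:
    """Return (default incoming policy or None, parsed rules)."""
    default_in, rules = None, []
    for line in text.splitlines():
        m = DEFAULT_RE.match(line)
        if m:
            default_in = m.group(1).lower()
            continue
        m = RULE_RE.match(line)
        if not m:
            continue
        to = m.group("to")
        ipv6 = to.endswith(" (v6)")
        port, _, proto = to.replace(" (v6)", "").partition("/")
        src = m.group("src").replace(" (v6)", "")
        rules.append(Rule(port, proto or None, ipv6, m.group("action"), src))
    return default_in, rules


def lint(text: str, assumed_default_in: str = "deny") -> List[str]:
    """Findings for a ruleset. assumed_default_in applies when the Default: line
    is absent (plain `ufw status`); ufw ships with deny incoming (assumption)."""
    default_in, rules = parse_status(text)
    default_in = default_in or assumed_default_in
    findings: List[str] = []

    # 1. Explicit blocks from Anywhere add nothing under a deny/reject default.
    if default_in in ("deny", "reject"):
        redundant = [r for r in rules if r.action in ("DENY", "REJECT") and r.src == "Anywhere"]
        if redundant:
            kinds = "/".join(sorted({r.action for r in redundant}))
            findings.append(f"redundant: {len(redundant)} {kinds} rules from Anywhere are already "
                            f"covered by the default {default_in} incoming policy")

    # 2. REJECT answers a probe (ICMP port-unreachable, TCP RST for tcp); DENY drops silently.
    if any(r.action == "REJECT" for r in rules):
        findings.append("noisy: REJECT rules reply to probes; use deny to drop silently")

    # 3. Services reachable from the whole internet.
    for r in rules:
        if r.action in ("ALLOW", "LIMIT") and r.src == "Anywhere":
            spec = r.port + (f"/{r.proto}" if r.proto else "")
            findings.append(f"exposed: {spec} ({'v6' if r.ipv6 else 'v4'}) is allowed from Anywhere")

    # 4. Same port open to Anywhere on one address family but restricted on the other.
    sources = {}
    for r in rules:
        if r.action in ("ALLOW", "LIMIT"):
            sources.setdefault(r.port, {}).setdefault(r.ipv6, set()).add(r.src)
    for port, fams in sorted(sources.items(), key=lambda kv: int(kv[0]) if kv[0].isdigit() else 0):
        v4, v6 = fams.get(False, set()), fams.get(True, set())
        if v4 and v6 and ("Anywhere" in v4) != ("Anywhere" in v6):
            findings.append(f"asymmetric: port {port} is open to Anywhere on "
                            f"{'v6' if 'Anywhere' in v6 else 'v4'} only")
    return findings


if __name__ == "__main__":
    for name, status in (("question", QUESTION_STATUS), ("answer", ANSWER_STATUS)):
        print(f"== {name} ==", *lint(status), sep="\n - ")
```

Run it against `sudo ufw status verbose | python3 ufw_lint.py` after changing the `__main__` block to read stdin; the verbose form includes the `Default:` line, so the script then uses the real policy instead of the assumed one.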