Systems Admin Simplified

IPFW is one of several firewalls included in FreeBSD by default. It has a command-line tool to handle the policies for incoming and outgoing connections. In the configurations discussed here, network connections "from any to any" are deliberately avoided to prevent potential bounce attacks from happening, if the server is not intended to act as a router. Instead, a request/respond or incoming/outgoing rule pair is adopted to direct the flow of network traffic. The main objective is to set up IPFW to block unauthorized remote access to unsecured ports on the server. But if attackers manage to break in through a vulnerability on some programs running on authorized incoming ports, the outgoing restrictions will prevent massive data exfiltration, stopping intruders dead in their tracks. A similar approach can be done on Debian-based Linux distributions using UFW . ========== 1. STRICT CONFIGURATION 1.1. Create a custom shell script for IPFW commands. root@host: #  ee /etc/myip