I configured host level firewall rules on Ubuntu using Uncomplicated Firewall. The goal was to reduce attack surface, keep remote access available, and practice rule management. (How to Build and Configure a Firewall)
Enable Uncomplicated Firewall with safe defaults.
Allow required services and restrict by IP when appropriate.
Log and verify the policy with external scans.
Ubuntu server or desktop with sudo rights.
Basic command line familiarity.
Uncomplicated Firewall, Ubuntu Linux, Network Mapper
Update the system
sudo apt update
sudo apt upgrade -y
Install and enable Uncomplicated Firewall
sudo apt install ufw
sudo ufw enable
Keep remote access open
sudo ufw allow ssh, or the port form sudo ufw allow 22/tcp, which also works for custom ports
Allow required services
sudo ufw allow http and sudo ufw allow https
Allow ranges and sources when needed, for example, sudo ufw allow from 192.168.1.0/24
Deny high risk or unused services
sudo ufw deny 23/tcp to block Telnet
Set defaults and logging
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw logging on
Verify and maintain
sudo ufw status verbose
sudo ufw status numbered, then sudo ufw delete n to remove rule number n
External validation with Network Mapper from a second machine
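The external validation step, as an added example that is not part of the original write-up: a script that reads Network Mapper grepable output (nmap -oG -) from the second machine and reports any drift from the allowlist built in the steps above. The ALLOWED list, the function names and the sample scan are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original write-up): check an external nmap scan
# against the ufw allowlist. ALLOWED is an assumption mirroring the steps above.
ALLOWED="22/tcp 80/tcp 443/tcp"

# Constructed sample of nmap grepable output; 192.0.2.10 is a documentation
# address and port 3306 is included to show drift. Not a real scan result.
sample_scan() {
  printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 23/filtered/tcp//telnet///, '
  printf '80/open/tcp//http///, 443/open/tcp//https///, 3306/open/tcp//mysql///\n'
}

# Print every port the scan reports as open, one port/proto per line.
open_ports() {
  awk -F'Ports: ' '/Ports: /{
    sub(/\t.*/, "", $2)            # drop trailing tab-separated fields
    n = split($2, entries, /, */)
    for (i = 1; i <= n; i++) {
      split(entries[i], f, "/")    # port/state/proto/owner/service/...
      if (f[2] == "open") print f[1] "/" f[3]
    }
  }'
}

# Open ports that are not on the allowlist: the policy is looser than intended.
unexpected_open() {
  open_ports | while read -r p; do
    case " $ALLOWED " in *" $p "*) ;; *) echo "$p" ;; esac
  done
}

# Allowlisted ports the scan did not see open: service down or over-blocked.
missing_allowed() {
  seen=" $(open_ports | tr '\n' ' ')"
  for p in $ALLOWED; do
    case "$seen" in *" $p "*) ;; *) echo "$p" ;; esac
  done
}

# Demo on the constructed sample; on a real host pipe in: nmap -Pn -p- -oG - <target>
echo "unexpected open: $(sample_scan | unexpected_open | tr '\n' ' ')"
echo "allowed but not open: $(sample_scan | missing_allowed | tr '\n' ' ')"
```

An empty result from both checks means the externally visible ports match the allowlist exactly; a filtered port such as 23/tcp in the sample is the expected result of a deny rule.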
A minimal, auditable firewall policy that fits the workloads I run.
Faster incident checks because allowed services are explicit.
Host firewall design, rule hygiene, least privilege.
External validation with Network Mapper.
Documentation of security baselines.