> > > >


Firewall Sederhana dengan Gufw
iyan squid Offline
Time To Revolution
44 - 322
#1
10-06-2012, 01:24 AM
Asslm,
ketemu lagi sama ane , facebooker galau Big Grin
kali ini ane mw bagi2 bagi y belom tw aja, salah satu tool firewall yaitu gufw

apa itu gufw ?
Gufw adalah GUI dari ufw dimana ufw sendiri adalah The default firewall configuration tool for Ubuntu is ufw. Developed to easeiptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default UFW is disabled.
#maaf gk bisa artiin masih cetek bahasa inggris ane Sad

sedangkan firewall :
Merupakan suatu cara/sistem/mekanisme yang diterapkan baik terhadap hardware , software ataupun sistem itu sendiri dengan tujuan untuk melindungi, baik dengan menyaring, membatasi atau bahkan menolak suatu atau semua hubungan/kegiatan suatu segmen pada jaringan pribadi dengan jaringan luar yang bukan merupakan ruang lingkupnya. Segmen tersebut dapat merupakan sebuah workstation, server, router, atau local area network (LAN).

langsung saja cara menginstall gufw di ubuntu/backtrack
Code:
root@IBTeam |Aceh:~# apt-get install gufw

terus kalo udah tinggal buka aja gufw di menu>>system>>prefference>>administration>>Firewall configurations
untuk mengaktifkan Gufw tinggal klik enable terus tekan tombol add di sudut kanan bawah
kemudian add rule
contoh disini saya berikan akses
|| deny || in || service || ftp ||

keterangan gufw akan men deny , jaringan in (masuk) pada service ftp atau port 21
[Image: Selection_003.png]

berikut penampakan setingan gufw di lapi ane
[Image: Selection_002.png]

berikut ss iptables dari console ane
Code:
root@IBTeam |Aceh:~# iptables -L

Chain INPUT (policy DROP)
target     prot opt source               destination        
ufw-before-logging-input  all  --  anywhere             anywhere            
ufw-before-input  all  --  anywhere             anywhere            
ufw-after-input  all  --  anywhere             anywhere            
ufw-after-logging-input  all  --  anywhere             anywhere            
ufw-reject-input  all  --  anywhere             anywhere            
ufw-track-input  all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination        
ufw-before-logging-forward  all  --  anywhere             anywhere            
ufw-before-forward  all  --  anywhere             anywhere            
ufw-after-forward  all  --  anywhere             anywhere            
ufw-after-logging-forward  all  --  anywhere             anywhere            
ufw-reject-forward  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        
ufw-before-logging-output  all  --  anywhere             anywhere            
ufw-before-output  all  --  anywhere             anywhere            
ufw-after-output  all  --  anywhere             anywhere            
ufw-after-logging-output  all  --  anywhere             anywhere            
ufw-reject-output  all  --  anywhere             anywhere            
ufw-track-output  all  --  anywhere             anywhere            

Chain ufw-after-forward (1 references)
target     prot opt source               destination        

Chain ufw-after-input (1 references)
target     prot opt source               destination        
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:netbios-ns
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:netbios-dgm
ufw-skip-to-policy-input  tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn
ufw-skip-to-policy-input  tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:bootps
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:bootpc
ufw-skip-to-policy-input  all  --  anywhere             anywhere            ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW BLOCK] '

Chain ufw-after-logging-input (1 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW BLOCK] '

Chain ufw-after-logging-output (1 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW ALLOW] '

Chain ufw-after-output (1 references)
target     prot opt source               destination        

Chain ufw-before-forward (1 references)
target     prot opt source               destination        
ufw-user-forward  all  --  anywhere             anywhere            

Chain ufw-before-input (1 references)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ufw-logging-deny  all  --  anywhere             anywhere            state INVALID
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            icmp source-quench
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootps dpt:bootpc
ufw-not-local  all  --  anywhere             anywhere            
ACCEPT     all  --  base-address.mcast.net/4  anywhere            
ACCEPT     all  --  anywhere             base-address.mcast.net/4
ufw-user-input  all  --  anywhere             anywhere            

Chain ufw-before-logging-forward (1 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW AUDIT] '

Chain ufw-before-logging-input (1 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW AUDIT] '

Chain ufw-before-logging-output (1 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW AUDIT] '

Chain ufw-before-output (1 references)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ufw-user-output  all  --  anywhere             anywhere            

Chain ufw-logging-allow (0 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW ALLOW] '

Chain ufw-logging-deny (2 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            LOG level warning prefix `[UFW BLOCK] '

Chain ufw-not-local (1 references)
target     prot opt source               destination        
RETURN     all  --  anywhere             anywhere            ADDRTYPE match dst-type LOCAL
RETURN     all  --  anywhere             anywhere            ADDRTYPE match dst-type MULTICAST
RETURN     all  --  anywhere             anywhere            ADDRTYPE match dst-type BROADCAST
ufw-logging-deny  all  --  anywhere             anywhere            limit: avg 3/min burst 10
DROP       all  --  anywhere             anywhere            

Chain ufw-reject-forward (1 references)
target     prot opt source               destination        

Chain ufw-reject-input (1 references)
target     prot opt source               destination        

Chain ufw-reject-output (1 references)
target     prot opt source               destination        

Chain ufw-skip-to-policy-forward (0 references)
target     prot opt source               destination        
DROP       all  --  anywhere             anywhere            

Chain ufw-skip-to-policy-input (7 references)
target     prot opt source               destination        
DROP       all  --  anywhere             anywhere            

Chain ufw-skip-to-policy-output (0 references)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            

Chain ufw-track-input (1 references)
target     prot opt source               destination        

Chain ufw-track-output (1 references)
target     prot opt source               destination        
ACCEPT     tcp  --  anywhere             anywhere            state NEW
ACCEPT     udp  --  anywhere             anywhere            state NEW

Chain ufw-user-forward (1 references)
target     prot opt source               destination        

Chain ufw-user-input (1 references)
target     prot opt source               destination        
DROP       tcp  --  anywhere             anywhere            tcp dpt:ftp
DROP       tcp  --  anywhere             anywhere            tcp dpt:imap2
DROP       udp  --  anywhere             anywhere            udp dpt:imap2
DROP       tcp  --  anywhere             anywhere            tcp dpt:nfs
DROP       udp  --  anywhere             anywhere            udp dpt:nfs
DROP       tcp  --  anywhere             anywhere            tcp dpt:pop3
DROP       udp  --  anywhere             anywhere            udp dpt:pop3
DROP       tcp  --  anywhere             anywhere            multiport dports loc-srv,netbios-ssn,microsoft-ds
DROP       udp  --  anywhere             anywhere            multiport dports netbios-ns,netbios-dgm
DROP       tcp  --  anywhere             anywhere            tcp dpt:smtp
DROP       tcp  --  anywhere             anywhere            tcp dpt:ssh
DROP       udp  --  anywhere             anywhere            udp dpt:ssh
DROP       tcp  --  anywhere             anywhere            tcp dpt:5900

Chain ufw-user-limit (0 references)
target     prot opt source               destination        
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning prefix `[UFW LIMIT BLOCK] '
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable

Chain ufw-user-limit-accept (0 references)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            

Chain ufw-user-logging-forward (0 references)
target     prot opt source               destination        

Chain ufw-user-logging-input (0 references)
target     prot opt source               destination        

Chain ufw-user-logging-output (0 references)
target     prot opt source               destination        

Chain ufw-user-output (1 references)
target     prot opt source               destination
[/quote]

silahkan dicoba suruh teman untuk melakukan serangan ke laptop anda, di laptop ane ini berhasil. bisa menangkal MITM. Meskipun tidak ada system yang aman, minimal ini salah satu cara bertahan.

::Bonus ^_^
tambahan dari ane menangkal mitm dari sysctl.conf
[code]root@IBTeam |Aceh:~# nano /etc/sysctl.conf
cari baris
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
kemudian rubah menjadi
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
kemudian jalankan
Code:
root@IBTeam |Aceh:~# sysctl -p
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0

akhir kata sekian dan terima kasih, dikalau ada y salah, mohon koreksinya karena ane cuma manusia biasa y mencoba untuk berbagi, meskipun cuma sebaris kalimat Smile

wasslm,

sumber
aceh.indonesianbacktrack.or.id

 
Website Find
Reply

m4k4ss4rh4ck3r Offline
Advance
27 - 101
#2
10-06-2012, 01:31 AM
nice inpoh hacker aceh,,,,,memang keren
The Wolf
 
Find
Reply

iyan squid Offline
Time To Revolution
44 - 322
#3
10-06-2012, 01:34 AM
(10-06-2012, 01:31 AM)m4k4ss4rh4ck3r Wrote: nice inpoh hacker aceh,,,,,memang keren

hadeuh jangan panggil ane hacker aceh, ane bukan hacker cuma facebooker galau y numpang buat tread Sad
aceh.indonesianbacktrack.or.id

 
Website Find
Reply

alkaaf Offline
hehe
30 - 813
#4
10-06-2012, 06:19 AM
mantab dah. Akhirnya nemu jg gui buat iptable. Dulu pernah nybain fwbuilder malah kaga ngerti make nya gmn :d
Ebook teknik web hacking + POC
Share Inject
Internet Phreaking
 
Find
Reply

shift-del Away
Region Aceh
0 - 14
#5
10-06-2012, 10:23 AM
(10-06-2012, 06:19 AM)alkaaf Wrote: mantab dah. Akhirnya nemu jg gui buat iptable. Dulu pernah nybain fwbuilder malah kaga ngerti make nya gmn :d

seep om, silahkan dicobain Smile
~:: We Are Region Aceh ::~
#Indonesian Backtrack Team Regional Aceh#
 
Find
Reply

Al - Ayyubi Offline
Regional Division
12 - 973
#6
10-06-2012, 11:01 AM
thnk's om udah share ilmunya Smile
ikutan nyicip ya om Confused
Spoiler! :
<<Back|Track
☆‍‍‍‍☆‍‍‍‍☆‍‍‍‍☆☆

 
Find
Reply

Clound_Carbelius Offline
Wong Cilik
46 - 485
#7
10-06-2012, 11:22 AM
kalo ane pake FireStarter ...
tpi ini juga mantap om Tongue
Klik Here

Clound@IBTeam:~#
EMail Me : [email protected]
 
Website Find
Reply

zee eichel Offline
IBTeam Server Sysadmn
269 - 2,291
#8
10-06-2012, 01:01 PM
Nice info bro .. Smile
FOLLOW @DutaLinux
for more question and sharing about security and Opensource only
www.dutalinux.org
 
Website Find
Reply

Udalah$ Offline
Donatur
12 - 272
#9
10-06-2012, 05:10 PM
nice share and keep share om Smile
 
Find
Reply

Backtrack Dragon Offline
sahabatmu
27 - 475
#10
10-06-2012, 07:01 PM
Mantap nih untuk jaga-jaga Big Grin
Gambar benderanya bisa di ganti merah putih gak? atau logo IBT Big Grin
#kabur
Backtrack
Kisah tentang kita dan Linux
 
Website Find
Reply






Users browsing this thread: 1 Guest(s)