Recently i have been provided an opportunity to configure an application which will help someone to secure their application server. So i thought i should share my experience with all. By the way i have implemented this on Centos (Red Hat derivative) 64 Bit 6.3 final version.
ConfigServer Security & Firewall is an application which consists two daemons (csf and lfd).
1. CSF - Manages the firewall rules via iptables and also track many other things like connections per source ip address wise, port flooding etc via iptables modules.
2. LFD (Login Failure Daemon) - It checks failed login attempt for may services like SSH,POP3,IMAP etc and block source ip address based on our configured values.
Below are the steps which are required to install ConfigServer Security & Firewall.
1. Make a directory anywhere in your operating system.
mkdir /usr/local/csf
cd /usr/local/csf
2. Download csf (ConfigServer Security & Firewall) from http://www.configserver.com
wget http://www.configserver.com/free/csf.tgz
3. Untar downloaded csf.tgz
tar -xzf csf.tgz cd csf sh install.sh
4. Install.sh script will copy many configuration files under /etc/csf directory which you can change as per your requirement.
Main configuration file which you should touch is csf.conf.
cd /etc/csf
vim csf.conf
5. You should check TCP_IN and TCP_OUT variables to enable and disable incoming and outgoing ports to and from your server.
6. Make sure you swtich on start up script of csf at run level 3 and 5 for automatic start up of your operating system.
chkconfig csf on
chkconfig lfd on
