In order for a network to be secure, you need to have some type of firewall in place. Firewalls typically protect your server from a wide variety of network attacks, all of which focus on weaknesses or holes in your network. For example, an cyber-criminal may scan your server for an open, unused port and then use that port to launch an attack.
The ideal situation for a dedicated server is to have two firewalls in place: one on the router and the other on the server itself. The router firewall will generally block ports that your server does not use and may even protect against some types of specific attacks. The firewall software on your server will take it a step further, providing internal network security and also protecting from specific dangers, such as brute force attacks.
On a Linux dedicated server, there is a built-in firewall for the kernel, and you can use iptables to configure it. If you prefer another type of firewall frontend, APF (Advanced Policy Firewall) is a very popular choice and is much easier to configure.
- Linux Server Security Guide: Part 3
- Back to the Basics #7: OS Security
- Back to the Basics #8: Application Security
- Using Netstat to Monitor Network Services
- Back to the Basics #2: Networking