Firewall and Security
Linux offers various tools for configuring and managing firewalls, intrusion detection and prevention systems, auditing, and security policies. Commands like firewalld, fail2ban, and auditd help secure the system by controlling network traffic, detecting and mitigating malicious activities, and monitoring system events for security purposes.
Command | Description | Example |
---|---|---|
firewalld | Manage firewall rules (modern). | `firewall-cmd --zone=public --add-port=80/tcp --permanent` Opens port 80 for TCP traffic permanently. |
fail2ban | Intrusion prevention system that scans log files and bans IPs that show malicious signs. | `fail2ban-client status` Displays the current status of Fail2Ban. |
auditd | Linux audit daemon to monitor system calls and file system events. | `auditctl -l` Lists the current audit rules. |
semanage | SELinux policy management tool. | `semanage fcontext -a -t httpd_sys_content_t '/web(/.*)?'` Adds a new SELinux file context for a web directory. |
getsebool | Get the value of an SELinux boolean. | `getsebool httpd_can_network_connect` Retrieves the value of the SELinux boolean “httpd_can_network_connect”. |
setsebool | Set the value of an SELinux boolean. | `setsebool -P httpd_can_network_connect on` Sets the SELinux boolean “httpd_can_network_connect” to “on” persistently. |
sestatus | Display SELinux status. | `sestatus` Displays the current SELinux status, including mode, policy version, and status of SELinux modules. |
AppArmor | Mandatory access control framework for restricting programs’ capabilities. | `aa-status` Shows the status of AppArmor and its enforced profiles. |
sysctl | Configure kernel parameters at runtime. | `sysctl -w net.ipv4.tcp_syncookies=1` Enables TCP SYN cookies to mitigate SYN flood attacks. |
ufw | Uncomplicated Firewall – simplifies firewall configuration. | `ufw allow ssh` Allows SSH traffic through the firewall. |
Linux Security Command Cheat Sheet
Maintaining a secure and hardened Linux system is crucial in today’s threat-laden digital landscape. This comprehensive Linux Security Command Cheat Sheet serves as an invaluable resource for system administrators and security professionals, providing a concise reference to essential commands spanning various security domains. From user and group management to privilege escalation, file system security, process monitoring, firewall configuration, and security scanning, this guide covers a wide array of tools and utilities tailored for fortifying Linux environments.
Whether you’re managing access controls, auditing system events, securing network communications, or proactively detecting and mitigating potential threats, this cheat sheet equips you with the necessary knowledge to navigate through the vast arsenal of Linux security commands. With practical examples and clear descriptions, this resource empowers you to effectively secure, harden, and maintain the integrity of your Linux systems, ensuring robust protection against evolving cyber threats.