Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Ubuntu Server Development (http://www.linux-archive.org/ubuntu-server-development/)
-   -   Controlling memcached access with ufw (http://www.linux-archive.org/ubuntu-server-development/567779-controlling-memcached-access-ufw.html)

Simon Males 08-24-2011 01:53 PM
Controlling memcached access with ufw
 
(read: 'Securing' memcached)

I hope to cluster memcached. The network is untrusted and I must
restrict the allowed clients. So this is my first attempt at
firewalling.

I've switched the ufw's DEFAULT_INPUT_POLICY to ACCEPT as there is no
current firewall. Next I added two clients which have explicit access
to port 11212 followed by a catch all DENY to 11212.

# ufw status verbose
Status: active
Logging: on (low)
Default: allow (incoming), allow (outgoing)
New profiles: skip

To Action From
-- ------ ----
11212 ALLOW IN 192.168.1.102
11212 ALLOW IN 192.168.1.103
11212 DENY IN Anywhere
11212 DENY IN Anywhere (v6)

Does this sound like a decent attempt at locking down memcached?

Additionally with the above rules, could I create an application
profile? Ideally there will be multiple memcached servers, and I would
like to version control the profile.

--
Simon Males

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam


All times are GMT. The time now is 05:18 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.