FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Server Development

 
 
LinkBack Thread Tools
 
Old 08-24-2011, 01:53 PM
Simon Males
 
Default Controlling memcached access with ufw

(read: 'Securing' memcached)

I hope to cluster memcached. The network is untrusted and I must
restrict the allowed clients. So this is my first attempt at
firewalling.

I've switched the ufw's DEFAULT_INPUT_POLICY to ACCEPT as there is no
current firewall. Next I added two clients which have explicit access
to port 11212 followed by a catch all DENY to 11212.

# ufw status verbose
Status: active
Logging: on (low)
Default: allow (incoming), allow (outgoing)
New profiles: skip

To Action From
-- ------ ----
11212 ALLOW IN 192.168.1.102
11212 ALLOW IN 192.168.1.103
11212 DENY IN Anywhere
11212 DENY IN Anywhere (v6)

Does this sound like a decent attempt at locking down memcached?

Additionally with the above rules, could I create an application
profile? Ideally there will be multiple memcached servers, and I would
like to version control the profile.

--
Simon Males

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 

Thread Tools




All times are GMT. The time now is 07:34 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org