Installing APF and BFD
1. Find ports you need to open.
Type netstat -natul
Look for something similar to the listing below and make a note of the ports you know need to be open.
For instance, this is on a DirectAdmin box, so
TCP ports 22,25,80,110,443,2222,3306,8090 need to be open and should be listed below.
tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:34407 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 206.51.225.159:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8090 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
2. Download APF and BFD (Advanced Policy Firewall and Brute Force Detection)
wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
3. Install APF
Extract it
tar xvzf apf-current.tar.gz
Go into the extracted directory
cd apf-0.9.5-1/ (your version may be different)
Install APF
sh install.sh
4. Edit the conf.apf
vi /etc/apf/conf.apf
For a Direct Admin box change
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="22"
To
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="22,25,80,110,443,2222,3306,8090"
and
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS=""
To
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"
Also turn dev mode OFF when you are done opening ports. While DEVM is on, a cron job periodically flushes the firewall rules (so a mistake cannot lock you out), which also means the firewall is not really enforcing anything until you set it to 0.
# Set firewall dev cronjob
# 1 = enabled / 0 = disabled
DEVM="0"
Save the file
In vi, press Esc, then type :wq to save and quit.
Restart the firewall with service apf restart
or /etc/init.d/apf restart
Now APF is installed with the ports listed above open.
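Before restarting APF it is worth checking that the ports you saw listening in step 1 actually match what you put in IG_TCP_CPORTS in step 4. The script below is an added example, not part of the original how-to or of the APF package: it pulls the listening TCP ports out of netstat output, reads IG_TCP_CPORTS from a conf.apf, and reports ports that are listening but would be blocked (and allowed ports with nothing listening). The netstat output and conf.apf fragment are constructed samples that mirror the listing above; on a real box you would pipe in netstat -natul and /etc/apf/conf.apf instead.

```shell
#!/bin/sh
# Added example (not from the how-to or from APF): compare listening TCP ports
# with the IG_TCP_CPORTS allow list from conf.apf.
set -eu

# Constructed sample of `netstat -natul` output, modelled on the listing in step 1.
SAMPLE_NETSTAT='tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8090 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:53 0.0.0.0:*'

# Constructed fragment of /etc/apf/conf.apf after the edit in step 4.
SAMPLE_CONF='# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="22,25,80,110,443,2222,3306,8090"
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"'

# Read netstat output on stdin; print the TCP ports in LISTEN state that are
# bound on a non-loopback address, sorted numerically and comma-separated.
public_listen_ports() {
    awk '$1 == "tcp" && $NF == "LISTEN" && $4 !~ /^127\./ {
            n = split($4, a, ":"); print a[n]
         }' | sort -n | uniq | tr '\n' ',' | sed 's/,$//'
}

# Read conf.apf on stdin; print the value of IG_TCP_CPORTS.
apf_tcp_ports() {
    sed -n 's/^IG_TCP_CPORTS="\([^"]*\)".*/\1/p'
}

# Print the ports from comma list $1 that do not appear in comma list $2.
ports_missing_from() {
    echo "$1" | tr ',' '\n' | awk -v allowed="$2" '
        BEGIN { n = split(allowed, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 != "" && !($1 in ok) { print $1 }' | tr '\n' ',' | sed 's/,$//'
}

listening=$(printf '%s\n' "$SAMPLE_NETSTAT" | public_listen_ports)
allowed=$(printf '%s\n' "$SAMPLE_CONF" | apf_tcp_ports)
echo "listening TCP ports          : $listening"
echo "IG_TCP_CPORTS in conf.apf    : $allowed"
echo "listening but blocked by APF : $(ports_missing_from "$listening" "$allowed")"
echo "allowed but nothing listening: $(ports_missing_from "$allowed" "$listening")"
```

With the sample data the "listening but blocked" line reports 21 and 143 (FTP and IMAP), which are listening in the step 1 output but were not added to IG_TCP_CPORTS. That is the decision point: either those services are meant to be reachable and belong in the list, or they are not needed and should be stopped rather than left listening behind the firewall.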
5. Install BFD
Extract it
tar xvzf bfd-current.tar.gz
Go into the extracted directory
cd bfd-0.6/
Install BFD
sh install.sh
You can edit the conf file, but it is ready to go out of the box, so you don't have to edit it.
vi /usr/local/bfd/conf.bfd
You might want to set it up to email the root user when the server comes under a brute-force attack.