APF and BFD install CentOS

Installing APF and BFD

1. Find the ports you need to open.

Type netstat -natul

Look for output similar to the listing below, and make a note of the ports that you know need to be open.
For instance, this is a DirectAdmin box, so
TCP ports 22,25,80,110,443,2222,3306,8090 need to be open and should appear in the listing below.

tcp        0      0 0.0.0.0:32768           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:34407         0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 206.51.225.159:53       0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8090            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN

2. Download APF and BFD (Advanced Policy Firewall and Brute Force Detection)

wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

3. Install APF
Extract it
tar xvzf apf-current.tar.gz
Go into the extracted directory
cd apf-0.9.5-1/ (your version may be different)
Install APF
sh install.sh

4. Edit conf.apf
vi /etc/apf/conf.apf
For a DirectAdmin box, change
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="22"
To
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="22,25,80,110,443,2222,3306,8090"
and
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS=""
To
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"

Also turn OFF dev mode when you are done opening ports:
# Set firewall dev cronjob
# 1 = enabled / 0 = disabled
DEVM="0"

Save the file.
In vi, press Esc, then type :wq to save the file.
Run service apf restart to restart the firewall,
or /etc/init.d/apf restart

APF is now installed with the ports listed above open.
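
To cross-check the listing from step 1 against the IG_TCP_CPORTS value from step 4, the script below (an added example, not part of the original article or of APF) reports listening TCP ports that the firewall will not open, and opened ports that have no listener. The sample listing is constructed from the one in step 1, with 192.0.2.10 standing in for the server's public address; the function names are illustrative.

```shell
#!/bin/sh
# Added example: compare listening TCP ports with APF's IG_TCP_CPORTS.

# Constructed sample modelled on the step 1 listing (192.0.2.10 = public IP).
sample_netstat() {
cat <<'EOF'
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:53           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8090            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
EOF
}

# Read netstat output on stdin; print TCP ports that have a listener bound
# to a non-loopback address, sorted, unique, comma-separated.
external_tcp_ports() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, a, ":"); port = a[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (addr !~ /^127\./ && addr != "::1") print port
         }' | sort -n -u | paste -sd, -
}

# Print the ports of comma-separated list $1 that are absent from list $2.
ports_missing_from() {
    for p in $(echo "$1" | tr ',' ' '); do
        case ",$2," in
            *",$p,"*) ;;
            *) printf '%s\n' "$p" ;;
        esac
    done | paste -sd, -
}

listening=$(sample_netstat | external_tcp_ports)
allowed="22,25,80,110,443,2222,3306,8090"   # IG_TCP_CPORTS value from step 4
echo "Listening externally:               $listening"
echo "Listening but not in IG_TCP_CPORTS: $(ports_missing_from "$listening" "$allowed")"
echo "In IG_TCP_CPORTS but no listener:   $(ports_missing_from "$allowed" "$listening")"
```

On a live server, pipe netstat -natul into external_tcp_ports instead of the sample. A port reported as listening but not in IG_TCP_CPORTS will be unreachable once APF is active, so decide per service whether to open the port or stop the service.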

5. Install BFD
Extract it
tar xvzf bfd-current.tar.gz
Go into the extracted directory
cd bfd-0.6/
Install BFD
sh install.sh
You can edit the conf file, but it is ready to go out of the box, so you don't have to edit it.
vi /usr/local/bfd/conf.bfd

You might want to set it up to email the root user when the server is brute force attacked.
