Iindidi zezixhobo zokhuseleko zekhompyuter

Diego Germán González

Imizuzu ye4

Ezinye iifirewall zeLinux

En amanqaku angaphambili Sathetha ngokubaluleka kunye nesidingo sokuba nezinto ezifanelekileyo zokukhusela idatha yethu kunye neenkqubo. Ngoku siza kuthetha ngeentlobo zezixhobo zokhuseleko zekhompyutha.

Ngaphambili, bekukholelwa ukuba ukufaka iLinux kukhuselwe kulo naluphi na uhlobo lohlaselo, nangona kunjalo, ubungakanani bokuthandwa kwayo kurhulumente kunye namacandelo eenkampani kwenze ukuba kube kujongwe kubaphulimthetho be-cyber.

Iindidi zezixhobo zokhuseleko zekhompyuter

Sele sichazile kumanqaku angaphambili ukuba kukho iintlobo ezimbini zohlaselo: ezo zijolise kubuthathaka besoftware kunye nezo zifuna ukuxhaphaza iimpawu zengqondo zabantu. Ezi zixhobo zijongene nokukhusela zombini i-hardware (iinkqubo zekhompyutha kunye nothungelwano oludibanisa nabo) kunye nolwazi olubucayi olufana nokufikelela idatha kwiintlobo zombini zokuhlaselwa.

Firewall

Ziyinkqubo yekhompyutha yezithethe ukusukela oko ibeka iliso kwitrafikhi yenethiwekhi engena kwaye iphuma kwaye isiya kwikhompyuter yendawo okanye inethiwekhi kunye nenethiwekhi yangaphandle. Ikwenza oko ngokusebenzisa isethi yemigaqo-nkqubo (iMithetho echazwe kwangaphambili) ukukhusela ukufikelela okungagunyaziswanga kunye nokusetyenziswa kwesofthiwe enobungozi.

Imigaqo-nkqubo ekhankanywe ngasentla imisela ukuba yeyiphi i-traffic enokudlula kuyo ngokusekelwe kwiikhrayitheriya ezifana neeprothokholi, iidilesi ze-IP okanye izicelo.

Iindlela zokuhlalutywa kwetrafikhi ezisetyenziswa ngama-firewall zezi:

  • Uhluzo lwepakethi: Yindlela esiyichazileyo ngasentla, ipakethe nganye yedatha ihlalutywa ngokwemiqathango emiselweyo kwaye ngokutsho kwabo banquma ukuba baphumelele okanye cha.
  • Uhlolo lwelizwe: Isigqibo sokuvumela ipakethe ukuba idlule okanye hayi isekelwe esweni uxhulumaniso kumthombo wepakethi.
  • Iifirewall zomaleko wosetyenziso: Ezi zizihluzi eziphambili kakhulu ezithi kwinqanaba lesicelo zihlole iipakethi ezigxile kwizicelo ezithile kunye nezixhobo.

Ezinye iifirewall zeLinux

iFire

Yakhelwe ukusuka kwiLinux Ukusuka kwi-Scratch (Isikhokelo sokwakha unikezelo lweLinux ukusuka ekuqaleni) olusasazo I-Linux ivumela inani elikhulu lezixhobo ezifana neRaspberry Pi ukuba zisetyenziswe njengeentsimbi zomlilo.

Inkqubo yofakelo ilula kakhulu kwaye ilula ukusukela oko ulungelelwaniso olwahlukileyo lwahlulwe lwaba zizinto ezichongiweyo ngemibala. Uhlaza lugcinelwe iikhompyuter eziqhagamshelwe kwinethiwekhi yendawo, ngelixa ubomvu bubhekisa kwi-Intanethi. Ukuze i-traffic ihambe ukusuka ebomvu ukuya eluhlaza, kufuneka uyigunyaze ngokukodwa.

Ngokusasazwa unokwazi ukubona ukungena kunye nokwakha iinethiwekhi zabucala zasekhaya.

IFirewall engantsonkothanga (UFW)

Yisoftware onokuthi uyifakile kunikezelo lwakho lweLinux okanye oya kuyifumana kwiindawo zokugcina. Igama layo ngokwenyani lithetha i-firewall engantsonkothanga.

Ukusebenza kwayo kusekelwe kwisakhelo se-Netfilter esibandakanyiwe kumzi-mveliso kwi-Linux kernel. Uluhlu lwemiyalelo eyaziwa ngokuba yi-iptables lusetyenziselwa ukuqwalasela i-Netfilter.

I-Ufw ke iyindawo yangaphambili yee-iptables eyenza kube lula ukulawula isihluzo somnatha, ngokusebenzisa ujongano lwelayini yomyalelo ukukhohlisa i-firewall. Olu jongano lulula kakhulu ukulusebenzisa kubo bobabini abasebenzisi be-novice kunye nabalawuli abaziingcali.

Kuyenzeka ukuba uyisebenzise ngokudibeneyo nomzobo womzobo.

Ukuhlaselwa

Ukuhlaselwa iyafana ne-UFW kuba ayifuni ukusetyenziswa kwe-hardware okanye izisombululo ze-virtualization ukuze isebenze. Ikwasebenza nakwi-Netfilter.

Ukuseka iimfuno zokusebenza, iifayile zokucwangcisa zisetyenziselwa ukuba inkqubo iya kuba noxanduva lokusebenzisa iptables.

Sisixhobo esifanelekileyo kwiikhompyuter ezinenkumbulo encinci ukusukela xa inkqubo yoqwalaselo igqityiwe ayifuni kuqhubeka isebenza. Nangona kunjalo, ukuguquguquka kwayo kunye namandla aneqabane ekungeyona ilula ukuyisebenzisa.

pfsense

Enye i-firewall efakwe kwi-distribution, ngeli xesha i-FreeBSD. Ingasetyenziswa kwi-router, i-DHCP okanye inqanaba leseva ye-DNS.

Ubumbeko lwayo lwenziwa kujongano lwewebhu kwaye inamaxwebhu abalaseleyo kunye nenkxaso yorhwebo.

Kwinqaku elilandelayo siya kuqhubeka sithetha ngezinye izixhobo zokhuseleko zeLinux.


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Inoxanduva lwedatha: I-AB Internet Networks 2008 SL
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.