What is Centos?
Centos is a popular Linux distribution used by people with various professions. Centos is derived from the Red Hat Enterprise Linux. It is not red hat enterprise Linux; it is another product from red hat enterprise. The team behind Centos release RHEL source packages into binaries to the public users. Then you see different versions of the OS spreading on different download mirrors. There is a downside to choosing this product as your service. Because the software costs nothing compared to every other software in the market, here you won’t be able to get access to customer service; in case you ran into some trouble with the OS. You are on your own there.
The idea behind the centos is to give the people better handling of their system. As most of the services, they will use open source. That means more people will get to work on the software and make it better for the next group of people who are going to use the same piece of software. There might not be official support for the centos system, but you will find communities of people using the software in their own way. The community of centos is made of people who like Linux as general, and members with professional backgrounds. The framework of the Centos 6 Firewall can be utilized by a lot of companies to produce more fact-driven data with deeper analysis.
The reason people go for centos 6 is that it’s totally free to download, install, and for featuring a stronger firewall that lets the user control every part of the system without blocking them. Giving this level of freedom tend to get more people by their side. What does the firewall do? Why do you need a firewall for your service or system? We will go through all of the questions.
Why do you need a Firewall?
In this technologically driven age, everything is running at a much faster speed than anything else we have seen at any time in history. Information gets exchanged every second of the day. With all this information traveling back and forth from one location to another can have different consensuses for the company, if all the details are not encrypted with enough security. One of the ways to ensure the data is traveling safely from one location to another is by using firewall service.
If an organization or a business has a network of computers running at the same time, then not having a firewall can cause a huge disaster, as it will leave all the systems opens to external hacking. That’s why any computer connected to online should have some sort of security to prevent the data from being lost or hacked. The firewall provides one of the best ways to prevent data loss and shields the network from outward pressure.
The features of Centos 6 Firewall
Centos 6 Firewall is considered one of the best firewalls available in the market today. In the configuration of the consists of many important services. In here, you will see many trusted services. These services decide which TCP/ IP ports are open to traffic on the firewall. There are other primary services that take care of the rest inside the firewall.
- SSH – This service provides all the security you will need for your connection. SSH offers an encryption model with password protection. If somebody wants to connect to the system, they have to go through both of these functions to make any sort of connection. SSH also enables you to remotely log into your system and perform all the basic tasks without any hassle. You can perform a task such as copying files to and from your system. With the help of SSH, you can also remote execution of programs on other systems. The option is available for the user if they want to activate or not. If you want to have remote access to your system, you will need to activate SSH. If you do not need remote access to leave this disabled on the menu. And if you want to use SSH, you have to download it or install it first. You can’t access the service of SSH without installing it.
- Telnet – Telnet delivers remote terminal access to the system. While it does the same thing as SSH but there is a reason why people prefer SSH over this. Because telnet doesn’t provide any sort of encryption or password protection. Making telnet a faster option but less safe in value. Many users encourage people to follow ssh over telnet.
- WWW (HTTP) – If you are planning to host a web server on your CentOS 6 system, then you will need to enable HTTP traffic through the firewall. Once enabled, the system will get web page requests to reach to the HTTP servers. Notice that If you do not plan to use a web server, host any page, then it is better to leave this disabled.
- Mail (SMTP) – Simple Mail Transfer Protocol traffic – SMTP helps the firewall to decides whether it should block SMTP or not. If you are hosting a mail server in your centos 6, then you should turn on the SMTP. And vice versa, if you don’t. If you use the POP3 or IMAP server to download your mails, then you can leave this function disabled. This service shares a common thing with SSH, as both of these services will be available in the centos 6. You will have to download and install them for further use of the service.
- FTP – File Transfer Protocol – It defines whether the File Transfer Protocol traffic is allowed through the firewall. It’s for the users who set up an FTP server in their system. If you consider being one of them, then use the File Transfer Protocol enabled. In general, most users don’t even bother with creating an FTP server, so leave it disabled. For the people who create File transfer protocol, you will have to install this service after downloading it.
- Samba – Besides having one of the best names for a service. Samba helps connect the bridge between Windows and Linux only in files and printers sharing. If the traffic is blocked in the firewall, then samba won’t get used to the system.
By the way, here is everything about packet filtering firewall for your information.
Handling the settings for Centos 6 Firewall
In the default mode, the Centos 6 Firewall is configured to allow only SSH service to the system, if some other network is connected, then the firewall would show these networks as untrusted devices. The user is allowed to configure any setting using a firewall configuration tool. Making new rules would allow your device to connect the untrusted devices without blocking them from your end. You can also use the wizard tool to set up the firewall services. To use the wizard tool, you need to get to the toolbar of the firewall configuration tool, then click on the wizard button on the toolbar.
Setting up the wizard tool will have you answer a lot of questions in order to activate the service. Some of the questions you will get asked is – whether you are a beginner or an experienced user? Some questions will be about the network connection of the device, whether it is connected to the internet all the time or some of the time and questions such as whether the system is used as a personal desktop computer or a full-fledged server. Answering this question will give the firewall enough information to carry the operation without any problem.
Make sure all these questions cover everything about the system, the wizard in the firewall will configure the entire firewall based on the answer you have given to the questions. Picking recklessly will disable some function that you might find useful later to the software.
Centos 6 Firewall – Configuration of Trusted Interfaces
A trusted interface is where the traffic is coming from a more secure network environment. Configuring the firewall will help to decide which one of the network adapters is trusted and other not so much. In multiple times you will see the system being connected two different network adapters at the same time. Let’s just presume, one of the networks is a secured internal network and the other is coming from a non-confirmed external source. If you applied the rules in the firewall, then the firewall will see the non-confirmed external source as untrusted. Since it brings traffic from outside the local area. And the other one will be considered as a trusty one.
Centos 6 Firewall Network Address Translation
Centos 6 Firewall features NAT. Basically, it will masquerade the IP address of all the internal systems, when they all connect to the internet. This is where the actual IP address of all the internal systems will not get any damage at all, as they all will be hidden under the IP address of that Centos 6 Firewall. A user must use the Centos 6 Firewall as a gateway to connect to the internet to make this happen. Adapting to the network address translation will help protect important data of various computers while performing at the same level.
Centos 6 Firewall Port Forwarding
This is where the Centos 6 Firewall moves the traffic to the specific port to get to a particular system on the internal network. Rules must be set in the centos6 firewall to make it all happen. When you use the Centos 6 Firewall system as a gateway to provide the internet, this can help you forward traffic to a specific system through a specific port. This makes the firewall more reliable for users with a targeted system.
ICMP, or as it is known as the Internet Control Message Protocol, used to send error messages to each other. Filtering the ICMP will let you block any ICMP messages types from coming to your system. This is one of the great ways to prevent and DoS attacks. This is where the server will get thousands of messages, as the limit of the message would go far beyond the limit number; at this point, all the servers will get unstable, and eventually, these servers will open the door to these hackers to get it.
Many people may not know this, but ICMP filtering helped build the ping service, which you might have heard of in the networking or even in the field of video gaming. In the network field, ping gets used to detect the online activity of clients in the network. Centos 6 Firewall provides a better ICMP control as they give the user reports of every error message or giving them the function to cancel it for smoother handling of the system.
Centos 6 Firewall not only provides a lot of services to the users to fully utilize their network system to the style that suits them the best but also lets the user create custom rules. These custom rules can be specified then installed into the firewall. All the rules in the Centos 6 Firewall give the user is to let the user control what they will see on the screen and block out the things that can harm the server or any internal system. Some of the rules can get complex to utilize; that is why plenty of books have been written going through each of the functions inside the iptables. And there are even tools that make the configuration even faster.