Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


hostsolutions.ro cannot run UFW
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

hostsolutions.ro cannot run UFW

kisielkisiel Member

Hi Guys,

I realized that the vps on hostsolutions.ro won't let me install UFW. Something missing in the kernel. What are my options to secure it?

Thanks for help
Marcin

Comments

  • NekkiNekki Veteran

    @kisiel said:
    Hi Guys,

    I realized that the vps on hostsolutions.ro won't let me install UFW. Something missing in the kernel. What are my options to secure it?

    Thanks for help
    Marcin

    What’s missing from the kernel?

  • I'm guessing it's for their OpenVZ plans? If I'm not mistaken, the connection tracking module (conntrack) is not in the kernel by default, but you can open a ticket and request for it to be enabled.

  • LeviLevi Member

    CSF, Shorewall.

  • kisiel said: I realized that the vps on hostsolutions.ro won't let me install UFW. Something missing in the kernel. What are my options to secure it?

    CSF is a much better solution. You can even try their web interface (of course free) to config it.

  • Thank you all
    looks like @pullangcubo mentioned it is OpenVZ plan with a missing module.
    I raised a ticket asking what with UFW but haven't got any response since a week or so. I will add the info there and keep fingers crossed.

  • NekkiNekki Veteran

    jvnadr said: CSF is a much better solution.

    I do like CSF for when I'm in a hurry, although I've never used the web interface.

  • jvnadrjvnadr Member
    edited August 2018

    Nekki said: I've never used the web interface

    It's nothing special, just the ol'good config in a html page with option to change values on the fly, with easier search and view. Something like gui installation of linux vs plain terminal...

  • jsgjsg Member, Resident Benchmarker

    How would a provider keep evil users away from f*cking other users or even the nodes stuff on OpenVZ? (Without some extra protection layer)

  • kisiel said: secure

    which OS, if you dont mind

  • kisiel said: haven't got any response since a week or so.

    Just keep waiting and don't bump your ticket. The waiting queue can be quite long.

  • What service needs to install UFW

  • kisielkisiel Member
    edited August 2018

    @sibaper said: which OS, if you dont mind

    Ubuntu. I believe 14.04 or 12.04 is all I can have

  • kisielkisiel Member
    edited August 2018

    @doumazdou said: What service needs to install UFW

    I don't think any service actually needs UFW. I am fairly new to Linux and read somewhere that UFW is a good idea.

  • kisielkisiel Member
    edited August 2018

    @JerryHou said: Just keep waiting and don't bump your ticket. The waiting queue can be quite long.

    paid off, all sorted now. Thank you

  • @jsg said:
    How would a provider keep evil users away from f*cking other users or even the nodes stuff on OpenVZ? (Without some extra protection layer)

    I am not sure what is the message. Do you agree with installing UFW or disagree? and why?
    I am happy to learn.

  • jsgjsg Member, Resident Benchmarker

    I'm asking something. I'm asking how a provider can give you access to the firewall -and - make sure that you don't make rules with someone elses IP on the same OpenVZ node.

  • @jsg said:
    I'm asking something. I'm asking how a provider can give you access to the firewall -and - make sure that you don't make rules with someone else's IP on the same OpenVZ node.

    wow. that's an interesting thought. If that's really possible then missing conntrack should be a good thing. But now I have it loaded so can block anyone on the same node?

  • jsgjsg Member, Resident Benchmarker

    @kisiel said:
    wow. that's an interesting thought. If that's really possible then missing conntrack should be a good thing. But now I have it loaded so can block anyone on the same node?

    Pardon me my interest and hence my knowledge in OpenVZ is quite limited. I'd assume though that following my hint will lead you to an answer.

Sign In or Register to comment.