Linux UFW Firewall Questionable

Why, If your VPS host has a configurable firewall you should uninstall the ubuntu UFW and iptables and use the external firewall provided by your VPS. Your server will have greater security than UFW and iptables can provide you with. Your server will be safer and more secure using your VPS hosts included external configurable firewall. Thumbs down for UFW (Universal firewall) it is rubbish, fools gold, false sense of security!

First configure your VPS firewall with your deny and allow rules than:

apt remove ufw
apt remove iptables

Done, your server will have greater security and if a hacker breaches you they will look to disable or modify ufw firewall rules and ufw and iptables will not exist on your server because, your firewall is external and you will also put less server drain on your server by not having those firewalls. No ufw and no iptables means a hacker has lost the edge!

When I was using UFW with iptables I block IP with UFW and iftop shows they are still coming which is expected from iftop but, the problem I get is UFW (universal firewall) does not record in the logs that they were blocked and iftop does show they keep on coming! Even with a setting of “ufw logging high” which I understand logs everything. iftop shows they are still coming, but, shouldn’t UFW record in the logs BLOCKED? I think so and come to the conclusion UFW is like a toy camera…. The UFW logs should give you a sense of security when it shows it is blocking what you instructed to block. But, UFW does not, begs the question, did UFW BLOCk what you instructed? I think not! The idea behind setting ufw logging to high is so you can monitor and see if ufw is doing the job you expect. If so great, switch ufw logging low again…

With my email server, dovecot, postfix etc. I set for high debug mode to monitor what is happening, it shows you what passwords are given etc. This is what you expect in high log mode, This way you can resolve issues fast and see if there really is a threat and once you see no threat and the mail server is working fine you revert back to normal logging mode. Not the case with UFW, ufw either isn’t working correctly or, the logging is fatally flawed and you’re unable to determine if you’ve been hacked or not. But, your bandwidth and server resource usage will give you an idea. Topic for another day.

My server has a front end firewall and I use to use UFW as secondary for convenience, easier to setup a block. (but my trust in UFW was low) with good reason not to for frontline defence). But, is easier to use and block better? Time and time again I find UFW, didn’t always block or is it blocking and not logging? Questionable! Hence, the reason I “apt remove ufw”.If you’re not going to log it for me F off!

When I had seen and believed UFW isn’t blocking, as easily seen in the logs I use the frontline firewall to block the friends of UFW. Annoying because I prefer the frontline firewall to be frontline defence only and it requires logging into the server porthole to configure and do what UFW can’t seem to do. But. it does what UFW isn’t competent at, but it seems, UFW is not as good as the claims are made about it. UFW, if you have a log, and you blocked someone, shouldn’t that be recorded in the log. Especially during monitoring I set UFW logging high and ufw allow log 80,443/tcp and nothing recorded about a BLOCK, just ALLOW, ALLOW and o yeah, ALLOW even though iftop shows them knocking at the door with data transfers.

Hence, since I have to use the frontline firewall as defence for peace of mind because ufw is not logging that it’s doing the job, I ask myself, “What is the point of UFW with no peace of mind?” Answer, apt remove ufw.

When I block an IP I issued, ufw insert 1 deny from xxx.xxx.xxx.xxxx or if pesty Amazon or Brazilian servers go for xxx.xxx.xxx.0/24 and blocked a larger range of the pesty inbreeds.

For peace of mind and your VPS provider has a configurable firewall do as I have done and apt remove ufw….. It’s fools gold!

effethemes.com DOS attack

Trojan Alert: effethemes.com (Brazilian Server) WordPress themes contain a trojan. Definition of a trojan is a piece of code that does something malicious. The theme links your site to thousands of BR hacker scanner sites that scan/probe your server thousands of times an hour. Form of mentally challenged Brazilian DOS attack, low grade attack.

Partnership

We will have partnerships enabled on the grid later this weekend. The web developer had a serious fall on Friday resulting injuries requiring laid back rest for a few days. Expect on Monday, work will continue to include the addition of adding a partner to your avatar.

It will be an easy process where you add a partner, the request will be sent to the other avatar and once they confirm the other party accepts your proposal to be their virtual world partner it will be connected to your profile. Congratulations, on your virtual marriage.

Don’t forget to visit other worlds such as Osgrid and Kitely grid where you are able to obtain items for your inventory, your avatar and your land. Opensimworld is a great place for tips and tricks and opensim setting up.

Change Avatar Name

Account management fully operational. You’re now able to change password, email and avatar name. No longer are you committed to an avatar name. At Jacobs Bonny Grid Premium members are able to change the name of their avatar anytime they choose.

Australian Politicians Little Foresight

The possibility of owning your own home in Australia has become just a dream. Todays politicians lack foresight, and need the balls to stand up to the UN. The Labor party, once the working glass party, no more. leaving many homeless, record numbers unable to buy a home, many more unable to even find a place to rent.

The UN should be held jointly accountable for the homelessness’ of Australian children, and the physical and emotional abuse they suffer as a consequence of family pressure to pay for a home, let alone get one. The security council is also partly responsible for the rising juvenile crime, the consequence of family pressures of housing struggles. Today, the UN are nothing more than dictators, do as we demand or suffer our wrath of economical disruption (abuse against children), have laid the foundations, to housing shortages in Australia. In my opinion, the security council think of themselves and their own country before considering the consequences of their actions against children of other countries.

Australia must stop taking in refugees until we have enough housing for our own people, our own children, our future generations. I’m sick in the stomach when I see a refugee driving a nice car, living in a lovely home financed by Australian tax payers, and an an Australian family of 5 with 2 toddlers living in a rust bucket car because they can’t get a home. Because the selfish United Nations security council, don’t care about Australian children!

The United Nations pressures us to fill our sinking ship with buckets of water. We don’t need the UN. They need us! They are a cancer to our country. Our government must start saying no whenever the UN pressures us to do do things that have a negative impact on our people, our children. Charity starts at home Australia! Grow a pair of balls!

You can, own your own virtual reality land and home here, at Jacobs grid. Join today, select your land and move in. No Australian politician can say that! Join today When the population of this grid grows to a point land availability is beginning to get low we sill stop taking in new members. Thank goodness the UN cannot put economical pressure on us for doing that! (tongue in cheek). This is an Australian only grid. Nothing you can do about that UN so suck my…… United Nations!

Jacob’s Bonny is Grid Open

We are pleased to announce the grid’s web site is ready for launch.

Membership is open to all types of avatar roleplay.

The new web interface allows you to create your first avatar giving you a choice between 5 styles. Adult male and Female, Teen male and female and a ninja.

Membership is free to join, includes a parcel of land giving you for parcel control.

Osgrid is still offline for maintenance and should be back soon. Those avatars from Osgrid region Grapevine are more than welcome to create an account here at Jacob’s Bonny Grid and get yourself a parcel of land.