Set up a Linux host with firewall and do a firewall log analysis.
Linux Host with Firewall
I have practiced setting up the virtual host three times.
I created the droplet with assigned password which is super difficult for me to type in so I destroyed so.
I followed through the tutorials yet I set up both Uncomplicated Firewall and Iptables which caused lots of confusion on my end and the host’s end.
Some errors I got include:
'sudo' is not recognized as an internal or external command, operable program or batch file.
So I started to panic. I tried to Google for answers yet it keeps telling me windows do not use Linux system. Yet later Tom clarified, digital ocean needs Linux system to work so I should still follow the tutorial to set up the ufw as I would for a Linux system.
Connection Timed Out.
This problem scared me the most cuz I tried to follow the tutorial here posted on the digital Ocean forum yet no success. They even showed that the “ufw” is not recognized in my terminal.
I then had to restart my computer thinking it was just malfunction of my terminal.
Still no success.
Later I went to the office hour with Tom. Realizing that I have installed two firewalls, which is the cause of the problem. According to him, one firewall is fighting against another firewall.
I have to say, three time’s a charm. I finally succeeded in my third try. It definitely is a valuable lesson for me to learn. More practices make me more familiar with the steps of setting up a virtual host.
Here is my spreadsheet of firewall log analysis. I imported the data from the log to spreadsheet and cleaned the data. After several searches for spreadsheet add-ons, I could not find a way to convert the ip address to locations. Until I found the ipsidekick where I copied and pasted the script into the script editor. However, the link does not work. So I used ip-api.com to analyze each ip in my firewall log.
Here are two charts showing that United States tried to attack me more.