Linux Host with Firewall & Firewall Log Analysis

Assignment:

Set up a Linux host with firewall and do a firewall log analysis.

Linux Host with Firewall

I have practiced setting up the virtual host three times.

First Attempt

I created the droplet with an assigned password, which was super difficult for me to type in, so I destroyed it.

Second Attempt

I followed through the tutorials, yet I set up both Uncomplicated Firewall and iptables, which caused lots of confusion on my end and the host’s end.

Some errors I got include:

'sudo' is not recognized as an internal or external command, operable program or batch file.

So I started to panic. I tried to Google for answers, yet it kept telling me that Windows does not use a Linux system. Later Tom clarified that DigitalOcean needs a Linux system to work, so I should still follow the tutorial to set up ufw as I would for a Linux system.

Port 22 Connection Timed Out.

This problem scared me the most because I tried to follow the tutorial posted on the DigitalOcean forum, yet with no success. They even showed that “ufw” was not recognized in my terminal.

I then had to restart my computer, thinking it was just a malfunction of my terminal.

Still no success.

Later I went to office hours with Tom and realized that I had installed two firewalls, which was the cause of the problem. According to him, one firewall was fighting against the other.

Third Attempt

I have to say, third time’s a charm. I finally succeeded on my third try. It definitely was a valuable lesson for me to learn. More practice makes me more familiar with the steps of setting up a virtual host.

Firewall Analysis

Here is my spreadsheet of firewall log analysis. I imported the data from the log into a spreadsheet and cleaned the data. After several searches for spreadsheet add-ons, I could not find a way to convert the IP addresses to locations, until I found ipsidekick, where I copied and pasted the script into the script editor. However, the link does not work, so I used ip-api.com to analyze each IP in my firewall log.

Here are two charts showing that the United States tried to attack me more.
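
The import-and-clean step described above can also be scripted. The following is an added example, not the author's spreadsheet or script: it parses UFW log lines, counts blocked source addresses and destination ports, and produces CSV for a spreadsheet. The function names and the sample lines are assumptions made for illustration, and the country lookup is left out so the script runs offline.

```python
import csv
import io
import re
from collections import Counter

# Constructed sample in the format UFW writes to /var/log/ufw.log; the
# addresses are documentation ranges (RFC 5737), not taken from a real log.
SAMPLE_LOG = """\
Mar  3 10:15:01 droplet kernel: [101.000001] [UFW BLOCK] IN=eth0 OUT= MAC=aa:bb SRC=203.0.113.7 DST=192.0.2.10 LEN=40 TTL=241 PROTO=TCP SPT=44123 DPT=23 SYN URGP=0
Mar  3 10:15:04 droplet kernel: [104.000001] [UFW BLOCK] IN=eth0 OUT= MAC=aa:bb SRC=203.0.113.7 DST=192.0.2.10 LEN=40 TTL=241 PROTO=TCP SPT=44124 DPT=22 SYN URGP=0
Mar  3 10:15:07 droplet kernel: [107.000001] [UFW BLOCK] IN=eth0 OUT= MAC=aa:bb SRC=198.51.100.20 DST=192.0.2.10 LEN=440 TTL=52 PROTO=UDP SPT=5071 DPT=5060 LEN=420
Mar  3 10:15:08 droplet kernel: [108.000001] [UFW ALLOW] IN=eth0 OUT= MAC=aa:bb SRC=192.0.2.50 DST=192.0.2.10 LEN=60 TTL=60 PROTO=TCP SPT=50022 DPT=22 SYN URGP=0
Mar  3 10:15:09 droplet sshd[812]: Connection closed by 203.0.113.7 port 44130
Mar  3 10:15:12 droplet kernel: [112.000001] [UFW BLOCK] IN=eth0 OUT= MAC=aa:bb SRC=203.0.113.7 DST=192.0.2.10 LEN=40 TTL=241 PROTO=TCP SPT=44125 DPT=23 SYN URGP=0
"""

UFW_TAG = re.compile(r"\[UFW (?P<action>[A-Z ]+)\]")  # BLOCK, ALLOW, AUDIT, ...
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")               # KEY=value pairs

def parse_line(line):
    """Return a dict for one UFW log line, or None for any other line."""
    tag = UFW_TAG.search(line)
    if not tag:
        return None
    fields = dict(FIELD.findall(line[tag.end():]))
    if "SRC" not in fields:
        return None
    # line[:15] is the classic syslog timestamp; ICMP entries carry no DPT.
    return {"time": line[:15], "action": tag.group("action"), "src": fields["SRC"],
            "proto": fields.get("PROTO", ""), "dpt": fields.get("DPT", "")}

def summarize(log_text):
    # Keep every UFW event for the spreadsheet, but count only blocked traffic.
    events = [e for e in map(parse_line, log_text.splitlines()) if e]
    blocked = [e for e in events if e["action"] == "BLOCK"]
    by_src = Counter(e["src"] for e in blocked)
    by_port = Counter((e["proto"], e["dpt"]) for e in blocked)
    return events, by_src, by_port

def to_csv(events):
    # Cleaned rows as CSV text, ready to import into a spreadsheet.
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=["time", "action", "src", "proto", "dpt"])
    writer.writeheader()
    writer.writerows(events)
    return out.getvalue()

if __name__ == "__main__":
    events, by_src, by_port = summarize(SAMPLE_LOG)
    print(to_csv(events), by_src.most_common(), by_port.most_common(), sep="\n")
```

The per-source counts are what a geolocation step would take as input, one lookup per distinct address rather than one per log line.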

Published by Yiting Liu

NYU ITP '21
