Firewall security controls
Control : FIRE-4512
Lynis checks whether iptables is available and also whether the ruleset is not empty. An empty ruleset might indicate a bad configuration or a missing ruleset on the system.
Control : FIRE-4513
This control checks which iptables rules are currently not being used. Proper maintenance of firewall rules is essential for accuracy and proper network traffic filtering. Regular checks on the proper working of the firewall and its rule-sets help in limiting traffic to the bare minimum and decrease the general risk of unauthorized connections.

Note: Some rules might have no hits, while still being applicable. Before removing rules, make sure that the time to monitor is long enough.
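One way to reproduce the checks behind FIRE-4512 and FIRE-4513 by hand, as an added example that is not Lynis's own code: it counts the rules in an `iptables-save -c` dump and lists those whose packet counter is zero. The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Lynis code). Input is the output of `iptables-save -c`,
# where every rule line looks like "[packets:bytes] -A CHAIN ...".
# Counters only cover the time since the last reset (reboot, ruleset reload,
# or `iptables -Z`), so a zero counter is a candidate for review, not removal.

# Constructed sample dump; on a live system pipe in `iptables-save -c` instead.
sample_dump() {
cat <<'EOF'
# Constructed sample, not from a real host
*filter
:INPUT DROP [12:840]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [5310:402113]
[48211:3910442] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[310:18600] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
[0:0] -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
[0:0] -A INPUT -s 192.0.2.10/32 -p udp -m udp --dport 161 -j ACCEPT
COMMIT
EOF
}

# FIRE-4512 style check: number of rules in the dump (0 = empty ruleset).
# Accepts dumps with or without counters.
rule_count() {
    awk '/^(\[[0-9]+:[0-9]+\] )?-A / { n++ } END { print n + 0 }'
}

# FIRE-4513 style check: print "table: rule" for each rule with 0 packets.
unused_rules() {
    awk '
        /^\*/ { table = substr($0, 2); next }    # "*filter" opens a table
        /^\[[0-9]+:[0-9]+\] -A / {
            split(substr($1, 2), c, ":")          # c[1] = packet counter
            if (c[1] + 0 == 0) {
                rule = $0
                sub(/^[^ ]+ /, "", rule)          # drop the counter field
                print table ": " rule
            }
        }'
}

echo "rules: $(sample_dump | rule_count)"
sample_dump | unused_rules
```

Chain policy lines (`:INPUT DROP [12:840]`) are skipped on purpose, since they are defaults rather than rules.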
Control : FIRE-4590
Depending on the type of system and sensitivity of the data being stored and processed, a firewall is advised.