I have an Ubuntu Server 11.04 x64 which I want to secure.
The server will be open to Internet and I want to be able to SSH/SFTP into the machine and the SSH-server runs on a custom set port. I also want a web server accessible from the Internet. These tasks seems not to hard to perform but I also want SAMBA-shares to be accessible from within the local network and this seems to be a bit trickier.
If possible I also want to be able to "stealth" the ports necessary to protect the server further but also allow the SAMBA-shares to be automatically found within the local network.
I've never configured firewalls before except for a router and I always bump into a bunch of problem when doing it all by myself so I was hoping for some tips or preferably a guide on how to this.
Thank you!
Update:
On second thought I'd could just as likely go with UFW if the same settings are achievable ("stealth" ports).
I learned everything I needed to configure UFW from this excellent tutorial:
Enable ssh (replace 22 with the non-default port)
Enable ufw and by default deny all incoming (udp/tcp) traffic:
Enable Samba