Introduction

Today, ever more machines and people are connected to the Internet, and hackers continually try to invade machines connected to it. As still more people gain access to the Internet, hacking becomes more frequent, and a focus on the security of servers has become a necessity. Security can be divided into three parts.

Application security:
Applications usually enforce some kind of security by restricting users in terms of functionality and access to machines. An example of this is a web-server. A simple web-server only exposes a defined set of files to the Internet, and only a problem in the software would give remote users access to anything other than those files.

User security:
If a remote user is able to circumvent the security imposed by some program (by exploiting a bug in the software), the user is still restricted to the rights of the user who started the program. As an example, a web-server is usually started as the user nobody, which has very limited rights in terms of reading and executing programs.

Network security:
This is the lowest level of security. By controlling communication between remote machines and Internet services, unsafe applications can be protected against untrusted access.

This paper will concentrate on network security in terms of defining a methodology for describing a firewall, and implementing the methodology under Linux.

Anders Peter Fugmann 2011-03-20