{"id":577,"date":"2023-03-24T12:50:50","date_gmt":"2023-03-24T11:50:50","guid":{"rendered":"https:\/\/blog.exterra-services.cz\/?p=577"},"modified":"2025-02-25T13:23:43","modified_gmt":"2025-02-25T12:23:43","slug":"hardening-va-nakivo","status":"publish","type":"post","link":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/","title":{"rendered":"Hardening VA NAKIVO"},"content":{"rendered":"\n<p>Pokud provozujete star\u0161\u00ed instalaci Nakiva (&lt;10.5) jako virtual appliance (VA), m\u016f\u017ee pro v\u00e1s b\u00fdt u\u017eite\u010dn\u00e9 si instalaci obrnit sv\u00fdmi silami nam\u00edsto reinstalace na nov\u011bj\u0161\u00ed verzi a p\u0159enosu konfigurace.<\/p>\n\n\n\n<p>Nejprve za\u010dneme konfigurace firewallu <a href=\"https:\/\/cs.wikipedia.org\/wiki\/Iptables\" target=\"_blank\" rel=\"noreferrer noopener\">iptables<\/a>.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\niptables -A INPUT -p tcp --dport ssh -j ACCEPT\niptables -A INPUT -p tcp --dport 4443 -j ACCEPT\niptables -A INPUT -p tcp --dport 9446 -j ACCEPT\niptables -A INPUT -p tcp --dport 9448:10000 -j ACCEPT\niptables -A INPUT -j DROP\n\n\n<\/pre>\n\n\n\n<p>Po konfiguraci firewallu nainstalujeme IPS <a href=\"https:\/\/www.fail2ban.org\/wiki\/index.php\/Main_Page\" target=\"_blank\" rel=\"noreferrer noopener\">fail2ban <\/a>pomoc\u00ed p\u0159\u00edkazu &#8222;apt-get install fail2ban&#8220;.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">root@nakivo:# apt-get install fail2ban\nReading package lists... Done\nBuilding dependency tree\nReading state information... Done\nThe following additional packages will be installed:\n  python3-pyinotify python3-systemd\nSuggested packages:\n  mailx monit sqlite3 python-pyinotify-doc\nThe following NEW packages will be installed:\n  fail2ban python3-pyinotify python3-systemd\n0 upgraded, 3 newly installed, 0 to remove and 7 not upgraded.\nNeed to get 390 kB of archives.\nAfter this operation, 2,024 kB of additional disk space will be used.\nDo you want to continue? [Y\/n] y\nGet:1 http:\/\/us.archive.ubuntu.com\/ubuntu bionic\/universe amd64 fail2ban all 0.10.2-2 [329 kB]\nGet:2 http:\/\/us.archive.ubuntu.com\/ubuntu bionic\/main amd64 python3-pyinotify all 0.9.6-1 [24.7 kB]\nGet:3 http:\/\/us.archive.ubuntu.com\/ubuntu bionic\/main amd64 python3-systemd amd64 234-1build1 [36.1 kB]\nFetched 390 kB in 1s (440 kB\/s)\nSelecting previously unselected package fail2ban.\n(Reading database ... 70187 files and directories currently installed.)\nPreparing to unpack ...\/fail2ban_0.10.2-2_all.deb ...\nUnpacking fail2ban (0.10.2-2) ...\nSelecting previously unselected package python3-pyinotify.\nPreparing to unpack ...\/python3-pyinotify_0.9.6-1_all.deb ...\nUnpacking python3-pyinotify (0.9.6-1) ...\nSelecting previously unselected package python3-systemd.\nPreparing to unpack ...\/python3-systemd_234-1build1_amd64.deb ...\nUnpacking python3-systemd (234-1build1) ...\nSetting up fail2ban (0.10.2-2) ...\nCreated symlink \/etc\/systemd\/system\/multi-user.target.wants\/fail2ban.service \u2192 \/lib\/systemd\/system\/fail2ban.service.\nSetting up python3-systemd (234-1build1) ...\nSetting up python3-pyinotify (0.9.6-1) ...\nProcessing triggers for systemd (237-3ubuntu10.53) ...\nProcessing triggers for man-db (2.8.3-2ubuntu0.1) ...\nProcessing triggers for ureadahead (0.100.0-21) ...\n<\/pre>\n\n\n\n<p>Jako z\u00e1sadn\u00ed konfigurace IPS fail2ban je t\u0159eba azpnout ochranu SSH v souboru \/etc\/fail2ban\/jail.conf.<\/p>\n\n\n\n<p>Najd\u011bte a odkomentujte n\u00e1sleduj\u00edc\u00ed \u0159\u00e1dky:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[sshd]\nenabled = true\n<\/pre>\n\n\n\n<p>Pokud ji\u017e provozujete nov\u011bj\u0161\u00ed verzi VA, kde je nam\u00edsto u\u017eivatele root pou\u017eit u\u017eivatel nkvuser, m\u016f\u017eete tento bod p\u0159esko\u010dit. Jinak vytvo\u0159te nov\u00e9ho u\u017eivatele (nap\u0159. nakivo nebo nkvuser, my pou\u017eijeme jm\u00e9no nakivo) a skupinu admin (je v \/etc\/sudoers uvedena pro pr\u00e1vo spustit p\u0159\u00edkaz sudo, ale v \/etc\/group nen\u00ed). U\u017eivateli nakivo nastavte n\u011bjak\u00e9 netrivi\u00e1ln\u00ed heslo!<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">useradd nakivo\npasswd nakivo\ngroupadd admin\nusermod -a -G admin nakivo\n\n<\/pre>\n\n\n\n<p>Otestujte, \u017ee se lze na u\u017eivatele nakivo p\u0159ih\u00e1sit a prov\u00e9st nap\u0159. sudo su &#8211; (p\u0159epnut\u00ed na roota). Pokud v\u0161e bude fungovat, zamez\u00edme p\u0159\u00edm\u00e9mu loginu u\u017eivatele root p\u0159es ssh v souboru \/etc\/ssh a krom\u011b toho upravte je\u0161t\u011b p\u00e1r \u0159\u00e1dk\u016f dle tohoto vzoru:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">PermitRootLogin no\nPermitEmptyPasswords no\nIgnoreUserKnownHosts yes\nIgnoreRhosts yes\nProtocol 2\n<\/pre>\n\n\n\n<p>Nyn\u00ed otestujte, \u017ee v\u0161echno funguje a pokud ano, m\u016f\u017eeme p\u0159istoupit k dal\u0161\u00edmu utahov\u00e1n\u00ed \u0161roub\u016f. Za\u010dneme zamezen\u00edm toho, aby si OS sahal libovoln\u011b do internetu a donut\u00edme ho j\u00edt pouze \u0159\u00edzen\u011b p\u0159es proxy server (v na\u0161em p\u0159\u00edpad\u011b jde o stroj s proxyserverem Squid na portu 3128). samoz\u0159ejm\u011b pokud n\u011bjak\u00fd proxyserver provozujete:-)<\/p>\n\n\n\n<p>Utilitu pro aktualizace OS donut\u00edme k pou\u017eit\u00ed proxyserveru vytvo\u0159en\u00edm souboru \/etc\/apt\/apt.conf.d\/proxy.conf<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Acquire::http::Proxy \"http:\/\/proxy_ip:3128\/\";\nAcquire::https::Proxy \"http:\/\/proxy_ip:3128\/\";<\/pre>\n\n\n\n<p>D\u00e1le vynut\u00edme pou\u017eit\u00ed proxyserveru pro v\u0161echny u\u017eivatele \u00fapravou souboru \/etc\/environment<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">export http_proxy=proxy_ip:3128\nexport https_proxy=proxy_ip:3128<\/pre>\n\n\n\n<p>Nakonec si nech\u00e1me omezen\u00ed p\u0159\u00edstup\u016f na spr\u00e1vu appliance (SSH pro spr\u00e1vu OS a HTTP p\u0159\u00edstup na GUI NAKIVO directoru). Vych\u00e1z\u00edm z toho, \u017ee m\u00e1te v LAN n\u011bjakou dedikovanou stanici nebo server ur\u010den\u00e9 pro spr\u00e1vu, kde p\u0159\u00edsn\u011b kontrolujete a logujete, kdo se na n\u011b hl\u00e1s\u00ed, pravideln\u011b je aktualizujete a m\u00e1te na nich instalov\u00e1nu pat\u0159i\u010dnou ochranu (endpoint protection). Editujme tedy soubor \/etc\/iptables\/rules.v4. P\u016fvodn\u00ed obsah po po\u010d\u00e1te\u010dn\u00ed konfiguraci bude vypadat asi n\u011bjak takto.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># Generated by iptables-save v1.6.1 on Mon Sep 12 10:19:55 2022\n*filter\n:INPUT DROP [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [9290916:135749001596]\n-A INPUT -p icmp -j ACCEPT\n-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 4443 -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 9446 -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 9448:10000 -j ACCEPT\n-A INPUT -j DROP\nCOMMIT\n# Completed on Mon Sep 12 10:19:55 2022<\/pre>\n\n\n\n<p>P\u0159edpokl\u00e1dejme, \u017ee m\u00e1te 2 spr\u00e1vcovsk\u00e9 stanice na IP 192.168.1.100 a 192.168.1.200. Dopln\u00edme <\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"># Generated by iptables-save v1.6.1 on Mon Sep 12 10:19:55 2022\n*filter\n:INPUT DROP [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [9290916:135749001596]\n-A INPUT -p icmp -j ACCEPT\n-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\n-A INPUT -p tcp -m tcp -s 192.168.1.100\/32 --dport 22 -j ACCEPT\n-A INPUT -p tcp -m tcp -s 192.168.1.200\/32 --dport 22 -j ACCEPT\n-A INPUT -p tcp -m tcp -s 192.168.1.100\/32 --dport 4443 -j ACCEPT\n-A INPUT -p tcp -m tcp -s 192.168.1.200\/32 --dport 4443 -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 9446 -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 9448:10000 -j ACCEPT\n-A INPUT -j DROP\nCOMMIT\n# Completed on Mon Sep 12 10:19:55 2022<\/pre>\n\n\n\n<p>Restartujte firewall nebo rad\u011bji cel\u00fd server (to nikdy ne\u0161kod\u00ed:-) a otestujte funk\u010dnost.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Pokud provozujete star\u0161\u00ed instalaci Nakiva (&lt;10.5) jako virtual appliance (VA), m\u016f\u017ee pro v\u00e1s b\u00fdt u\u017eite\u010dn\u00e9 si instalaci obrnit sv\u00fdmi silami nam\u00edsto reinstalace na nov\u011bj\u0161\u00ed verzi a p\u0159enosu konfigurace. Nejprve za\u010dneme konfigurace firewallu iptables. iptables -A INPUT -m conntrack &#8211;ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp &#8211;dport ssh -j ACCEPT iptables -A INPUT -p [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"0","ocean_second_sidebar":"0","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"0","ocean_custom_header_template":"0","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"0","ocean_menu_typo_font_family":"0","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"0","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"off","ocean_gallery_id":[],"footnotes":""},"categories":[5],"tags":[],"class_list":["post-577","post","type-post","status-publish","format-standard","hentry","category-technologie","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hardening VA NAKIVO | Coffeespot<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/\" \/>\n<meta property=\"og:locale\" content=\"cs_CZ\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hardening VA NAKIVO | Coffeespot\" \/>\n<meta property=\"og:description\" content=\"Pokud provozujete star\u0161\u00ed instalaci Nakiva (&lt;10.5) jako virtual appliance (VA), m\u016f\u017ee pro v\u00e1s b\u00fdt u\u017eite\u010dn\u00e9 si instalaci obrnit sv\u00fdmi silami nam\u00edsto reinstalace na nov\u011bj\u0161\u00ed verzi a p\u0159enosu konfigurace. Nejprve za\u010dneme konfigurace firewallu iptables. iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport ssh -j ACCEPT iptables -A INPUT -p [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/\" \/>\n<meta property=\"og:site_name\" content=\"Coffeespot\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-24T11:50:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-25T12:23:43+00:00\" \/>\n<meta name=\"author\" content=\"Petr \u0160antr\u016f\u010dek\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Napsal(a)\" \/>\n\t<meta name=\"twitter:data1\" content=\"Petr \u0160antr\u016f\u010dek\" \/>\n\t<meta name=\"twitter:label2\" content=\"Odhadovan\u00e1 doba \u010dten\u00ed\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuty\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/\"},\"author\":{\"name\":\"Petr \u0160antr\u016f\u010dek\",\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\"},\"headline\":\"Hardening VA NAKIVO\",\"datePublished\":\"2023-03-24T11:50:50+00:00\",\"dateModified\":\"2025-02-25T12:23:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/\"},\"wordCount\":440,\"publisher\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\"},\"articleSection\":[\"Technologie\"],\"inLanguage\":\"cs\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/\",\"url\":\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/\",\"name\":\"Hardening VA NAKIVO | Coffeespot\",\"isPartOf\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#website\"},\"datePublished\":\"2023-03-24T11:50:50+00:00\",\"dateModified\":\"2025-02-25T12:23:43+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/#breadcrumb\"},\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.exterra-services.cz\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hardening VA NAKIVO\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.exterra-services.cz\/#website\",\"url\":\"https:\/\/blog.exterra-services.cz\/\",\"name\":\"Coffeespot\",\"description\":\"novinky z IT sv\u011bta\",\"publisher\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.exterra-services.cz\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"cs\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788\",\"name\":\"Petr \u0160antr\u016f\u010dek\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g\",\"caption\":\"Petr \u0160antr\u016f\u010dek\"},\"logo\":{\"@id\":\"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/\"},\"sameAs\":[\"http:\/\/www.exterra-services.cz\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hardening VA NAKIVO | Coffeespot","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/","og_locale":"cs_CZ","og_type":"article","og_title":"Hardening VA NAKIVO | Coffeespot","og_description":"Pokud provozujete star\u0161\u00ed instalaci Nakiva (&lt;10.5) jako virtual appliance (VA), m\u016f\u017ee pro v\u00e1s b\u00fdt u\u017eite\u010dn\u00e9 si instalaci obrnit sv\u00fdmi silami nam\u00edsto reinstalace na nov\u011bj\u0161\u00ed verzi a p\u0159enosu konfigurace. Nejprve za\u010dneme konfigurace firewallu iptables. iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport ssh -j ACCEPT iptables -A INPUT -p [&hellip;]","og_url":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/","og_site_name":"Coffeespot","article_published_time":"2023-03-24T11:50:50+00:00","article_modified_time":"2025-02-25T12:23:43+00:00","author":"Petr \u0160antr\u016f\u010dek","twitter_card":"summary_large_image","twitter_misc":{"Napsal(a)":"Petr \u0160antr\u016f\u010dek","Odhadovan\u00e1 doba \u010dten\u00ed":"2 minuty"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/#article","isPartOf":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/"},"author":{"name":"Petr \u0160antr\u016f\u010dek","@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788"},"headline":"Hardening VA NAKIVO","datePublished":"2023-03-24T11:50:50+00:00","dateModified":"2025-02-25T12:23:43+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/"},"wordCount":440,"publisher":{"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788"},"articleSection":["Technologie"],"inLanguage":"cs"},{"@type":"WebPage","@id":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/","url":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/","name":"Hardening VA NAKIVO | Coffeespot","isPartOf":{"@id":"https:\/\/blog.exterra-services.cz\/#website"},"datePublished":"2023-03-24T11:50:50+00:00","dateModified":"2025-02-25T12:23:43+00:00","breadcrumb":{"@id":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/#breadcrumb"},"inLanguage":"cs","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.exterra-services.cz\/index.php\/2023\/03\/24\/hardening-va-nakivo\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.exterra-services.cz\/"},{"@type":"ListItem","position":2,"name":"Hardening VA NAKIVO"}]},{"@type":"WebSite","@id":"https:\/\/blog.exterra-services.cz\/#website","url":"https:\/\/blog.exterra-services.cz\/","name":"Coffeespot","description":"novinky z IT sv\u011bta","publisher":{"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.exterra-services.cz\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"cs"},{"@type":["Person","Organization"],"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/9d7d8c191f609a8a425d4c493eeee788","name":"Petr \u0160antr\u016f\u010dek","image":{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/154c38d0d2d25a88896d979541de331f6606987733e06f398d3552a6871e5b77?s=96&d=mm&r=g","caption":"Petr \u0160antr\u016f\u010dek"},"logo":{"@id":"https:\/\/blog.exterra-services.cz\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/www.exterra-services.cz"]}]}},"_links":{"self":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts\/577","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/comments?post=577"}],"version-history":[{"count":4,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts\/577\/revisions"}],"predecessor-version":[{"id":729,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/posts\/577\/revisions\/729"}],"wp:attachment":[{"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/media?parent=577"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/categories?post=577"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.exterra-services.cz\/index.php\/wp-json\/wp\/v2\/tags?post=577"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}