Security

The Security system is an advanced framework for tracking access permissions to the different plugins that you use with Genesis. From here, you can easily restrict network-based access to your services. You can also enable defensive actions to be automatically taken if arkOS detects intrusion/hacking attempts against your server.

Firewall
The Firewall tab shows all of the plugins and webapps you use with Genesis, as well as their current access permissions. From this list, plugins are shown as being available to All Networks, meaning that this service is accessible to all users who can reach your server (e.g. via the Internet); Local Only, meaning that they can only be reached from inside your local network (detected by Genesis and displayed in the Settings tab); or None, meaning it is blocked to everyone, including you. Next to each plugin, click Allow From Anywhere, Local Access Only or Deny All to change the access rules as you prefer.

Defense
The Defense tab shows all plugins with which it is possible to use Fail2Ban, which is an intrusion detection and prevention system. Once an intrusion is detected (usually by too many failed access attempts by an individual IP address within a given period of time), the potential intruder is blocked from the system for a set period of time. Change basic Defense system settings under the Settings tab.

To enable the Defense system on a plugin, click the Enable All Defense button. This will activate all defense parameters (Fail2Ban ‘jails’) available for that plugin. Click Disable All Defense to deactivate all defense parameters. To activate the parameters individually, click the Info button, then the activate/deactivate buttons next to the defense parameter in question.

As of October 2013, "Fail2Ban" is not installed by default. You can install it via the Package Manage (available in Settings > Applications). Once you have installed the Package Manager follow these steps:
 * 1) Click on "Packages" in the left column
 * 2) In the search box type
 * 3) Click "Apply"
 * 4) Click "OK"
 * 5) Click on "Security" in the left column
 * 6) Click on "Status"
 * 7) Click the triangle icon to start

Tables (Advanced)
The Tables tab is a front-end for iptables, the workhorse of Linux firewalls. This front-end gives you a graphical visualisation of your iptables chains and rules, as well as the rules that are automatically generated from the Firewall tab, and allows you to insert complex access/deny rules at any point in the firewall. You can even sort the rules by table: filter, mangle, or NAT. Click Load Current to reload the current configuration from the disk. Click Autostart when you are done writing your rules to set the selected configuration to load at boot. Use of this tool is very complex, and knowledge of iptables is required before you attempt to configure it.

Settings
Here you can change certain settings associated with the Security framework.

The local network as detected by arkOS is displayed here. This is the network(s) on which "Local Access Only" mode applies.

The rest of the settings apply to the Defense system. Change the max number of retry attempts before a potential intruder is blocked, the amount of time a potential intruder is tracked, and the amount of time for which a blocked intruder is blocked for. Note that this only changes the defaults; if an individual defense parameter for a plugin has its own settings, then these will not apply.