Jump to content

what's a good firewall?


curtis e. bear
 Share

Recommended Posts

...or you could always just have someone nmap you, a little more comprehensive and less tainted with Steve Gibson Marketing Exclamation Marks!!!!!!!!!!!

 

God I thought this topic was dead and gone! :cheesy:

I've been using guarddog and MMC stardard security (MDV 2006 cooker current) I can fairly easily see what's being bounced by looking at /var/log/kernel/error (I have guarddog dump the stuff in error - less trash than in warning)

 

Yeah, I always use GRC and ignore all the ads. I did like it when I had DSL cause the westel 2200 modem had a nice little firewall in it that was easily adjustable - that was back in the days when I was using Tiny Pers FW which changed to Kerio about the time I was really realizing I really wanted to get the hell away from windows and netbios and ntp and all that fine stuffs.

 

I suppose I could get a router to put in series with my Comcast surfboard 5120. The "random pings" have died down a lot since I went to Linux. but occasionally I notice a rash from everything else on the Comcast node - newbies testing everything local looking for a sucker! The "distant" netbios pings dies out very quickly when I'm off windows.

 

Anyway, Guarddog has been good to me (I also think firestarter is fine), but Azureus just went to v3 and in doing so I think they changed their "desires" from tcp 6881 to tcp&UDP 6881-6889 I run Azureus when I can - upload the i586 2005LE DVD and I'm still getting a lot of demand for it (40 after 5 minutes), so either more folks are trying MDV (yay!) or more folks are shifting to DVD format - either way, I've found the DVD format a huge blessing when installing and when updating - just one platter to feed to my machine and that's it! But I will pursue with Azureus and Simon (guarddog author)about Azureus' v3 changes on port needs.

 

BUT - what I wanted to ask Adam was if he knew of anything better than GRC?

Peas.

Kristi

Edited by kristi
Link to comment
Share on other sites

Is there anythin wrong with the standart Shorewall?

I pretty much know all the ports that have to be allowed, so minimal interface is not really a problem for me.

Is there anything that Guarddog does better in security?

Link to comment
Share on other sites

Is there anythin wrong with the standart Shorewall?

I pretty much know all the ports that have to be allowed, so minimal interface is not really a problem for me.

Is there anything that Guarddog does better in security?

I don't know shorewall, though I tried to learn it a bit. Guard just seemed easier to me at the time so I went with it. Probably neither one is "best" but I'd like to hear from other folks who know shorewall :D

 

Kristi

Link to comment
Share on other sites

HAHAHAHAHA
Unable to connect with NetBIOS to your computer.

All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

 

suckers! :beer:

tested my pc through shields-up with all their tests (not just the Windows specific one :D)

all is stealthed apart from one port that reports as closed*

Running Shorewall (that came with mdk) with some ports open for file sharing, everything else is on lockdown.

 

* 113

IDENT

Closed Your computer has responded that this port exists but is currently closed to connections.

 

How'd you do that and what are the implications of having things locked down that tight?

Link to comment
Share on other sites

I didn't do anything special.

Just installed Mandrake integrated Shorewall then went to MCC -> Security -> Firewall

ticked off everything and manually entered the ports I want to have access to net.

If you want you can disable http, ftp and other protocols, default allowed ports through /etc/shorewall/rules

 

Anyways, whenever I install a program that needs to access the net, I just look up what ports it uses and open them. Have a few such programs.

 

The implications? None that I know of apart that you need to know which ports to allow.

 

p.s. Somebody please tell about Shorewall vs Guarddog from security point of view, skip the interface.

Link to comment
Share on other sites

How'd you do that and what are the implications of having things locked down that tight?

 

afaik, ports are

a ) "open" - they (your computer) will acknowledge a ping and ask what you would like to send it. Bad unless you are using that port and know that only what you want is getting through.

 

b ) "closed" they will acknowledge a ping but not receive data. This tells a hacker that there is a computer there, and that that port will respond (if negatively). Depending on the port, and the response, the hacker may persist with different commands/data, and try to get an opening.

 

c ) "stealth" your computer receives the other computer's ping but does nothing. The other computer does not know if there is a computer/port there or not and will probably go waste time elsewhere.

Kristi

 

EDIT - ports are by default closed or open. A firewall is what sets up the rules in the Linux IPtableV4, and determines what is closed or stealthed.

Edited by kristi
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...