kyzzar Posted December 9, 2005 Report Share Posted December 9, 2005 Hello All, For almost one year I study the LINUX FIREWALL by myself Please does anyone can help me o guide for the simple instruction or basic to give me an idea.... Thank you... Kyzzar Link to comment Share on other sites More sharing options...
devries Posted December 9, 2005 Report Share Posted December 9, 2005 It depends on what you want to do. If you just need a basic firewall use the mandriva default settings (MCC-->Security-->Firewall' Link to comment Share on other sites More sharing options...
Jza Posted December 26, 2005 Report Share Posted December 26, 2005 Maybe he will want to know what to block and what not. I guess this will be the explanation. Are u going to host sites from here? Are u going to host files from here? Are you going to access this PC remotely? Is this a dedicated firewall PC for your network? Do you want to have rules and filters? Do you need to have authentication or just filtering/port blocking? Link to comment Share on other sites More sharing options...
Guest jammrk Posted February 11, 2006 Report Share Posted February 11, 2006 I wouldn't recommend Shorewall(the default mandriva firewall), A better choice would be firestarter("urpmi firestarter", if u have urpmi configured, if not go to http://easyurpmi.zarb.org/, and configure it immediately, it makes package management a breeze), once installed u can start if from the CLI(as root, "firestarter"), the wizard is very intuitive, and "The default Firestarter policy is as follows: New inbound connections from the Internet to the firewall or client hosts are blocked. The firewall host is freely allowed to establish new connections. All client hosts are allowed to establish new connections to the Internet, but not to the firewall host. Traffic from the Internet in response to connection requests from the firewall or client hosts is allowed back in through the firewall. This policy allows normal Internet usage such as web browsing and e-mail on the secured hosts, but blocks any attempts to access network services from the outside and shields the local network.(taken from http://www.fs-security.com/docs/policy.php) I had it installed and running in a matter minutes ! Link to comment Share on other sites More sharing options...
solarian Posted February 16, 2006 Report Share Posted February 16, 2006 Should Shorewall be uninstalled if Firestarter is installed, i.e., does Firestarter use iptables? Link to comment Share on other sites More sharing options...
scarecrow Posted February 16, 2006 Report Share Posted February 16, 2006 AFAIK all linux firewalls use iptables as backend (and before that, ipchains). Link to comment Share on other sites More sharing options...
solarian Posted February 16, 2006 Report Share Posted February 16, 2006 Thanks ------- Is Firestarter more considered a more secure firewall? (I know now, it's all iptables, but I'm talking about configuration). The thing is that I have our native Mandriva Shorewall running from MCC and everything is configured just fine with some ports open for filesharing. And I wasn't considering another firewall up to this discussion. But if Firestarter is better.. Would Firestarter be a better option for a home desktop computer? Link to comment Share on other sites More sharing options...
tyme Posted February 16, 2006 Report Share Posted February 16, 2006 i prefer firestarter over most apps because it alerts me of activity, i.e. when someone outside of the allowed IP range I have set tries to ssh into my system. and i can choose to block that IP from any access if i want. it's not more configurable, it just gives me more information. less of a "set, start and walk away" more of a "set, start, and keep me informed". it has to be run as root, which is no big deal. also, guarddog (QT whereas firestarter is GTK) is another option, though i've never used it. as far as uninstalling shorewall if you have firestarter, i imagine it'd be a good idea as the two might start conflicting on settings. it depends on how the programs work. Link to comment Share on other sites More sharing options...
paul Posted February 16, 2006 Report Share Posted February 16, 2006 Shorewall is much more of a dedicated firewall product. As tyme suggests .. shorewall is a "set, start, walk away" There is a very simple rule in firewalling that will ensure your firewall is secure. Keep it simple. Basic run of the mill very secure fw doe some thing like this. BLOCK EVERYTHING, then allow these few things Link to comment Share on other sites More sharing options...
tyme Posted February 16, 2006 Report Share Posted February 16, 2006 the ol' allow by default or deny by default options ;) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now