Is having a firewall a real necessity?


Postby mr » 2005-12-27 00:41

Hey there. I'm currently running Debian sarge, and I've just finished installing almost everything I need.

One thing that I don't know if I'll bother with is a firewall. I assume that by simply not using Microsoft Windows and NOT being logged on as root my internet security level has increased by leaps and bounds... at least I think (plz correct me if I'm wrong).

I was thinking about installing Guarddog or Kmyfirewall, but I want to know if it's really a necessity. From experience I know firewall programs, at least in Windows, have a very nice "irritation potential", which I'd like to avoid, if possible.

Any thoughts are very welcome
mr
 

Postby Scotti » 2005-12-27 06:17

I think it partially depends on your home network setup. For example, I have my home computers running through a router. A router has a built-in firewall that you can set up to block incoming or outgoing ports, and for whichever computer.

If your computer is hooked directly up to your modem then I'd say look into setting up a firewall for safe measure. Some of the "default" Linux firewall programs are ipchains and iptables. Since I've never really needed a firewall on my local machine I've never bothered looking into these programs, but I've heard they do the job well.

Running Linux over Windows is a 1-up (ok maybe a 100-up) on system security, but it doesn't hurt to take the extra step and set up a firewall on Linux anyway. You'll probably learn something along the way as well. ;-)
Scotti
Moderator Team Member
 
Posts: 312
Joined: 2005-11-08 01:13

Postby inconnu » 2005-12-27 13:33

I have very little experience with firewalls in GNU/Linux, but Firestarter seems to be a good one: http://www.fs-security.com/docs/tutorial.php Very easy to set up and use, and seems very reliable from what I've heard, and from my own experience with it. Irritation factor is vanishingly small.

Dren's got a good point about routers. But, even though I'm behind one, I decided to run Firestarter as well.
Debian GNU/Linux 3.1
inconnu
 
Posts: 60
Joined: 2005-09-04 05:56

Postby mr » 2005-12-27 17:21

Oops, forgot to mention my setup. I am currently behind a LAN; the gateway is a Windows XP box running Internet sharing.

Now that I think about it, this might be worse than being directly connected with no firewall...

Thanks for the Firestarter tip, I'll look into it.
mr
 

Postby domecq » 2005-12-28 01:34

Firewall is nice to have.
Since your gateway is a Windows box, it surely has a firewall running on it that protects the boxes underneath it.
As for your Linux box, it doesn't hurt to have another firewall installed. It works as an extra protection from the outside of your network and as a way for you to set up a security control at the level of your internal network.
Firestarter is a nice firewall tool.

Cheers,

Domecq
domecq
Moderator Team Member
 
Posts: 560
Joined: 2005-10-18 00:53
Location: Montréal, Canada

Re: Sources

Postby mr » 2005-12-28 08:03

Anonymous wrote:
mr wrote: I'm currently running Debian sarge, and I've just finished installing almost everything I need.


I'd like to know about more sources of information about "everything". Thanks.



I'm sorry, but I didn't understand your request :?:
mr
 
Posts: 16
Joined: 2005-12-28 08:01

Re: Sources

Postby Scotti » 2005-12-28 13:38

mr wrote: I'm sorry, but I didn't understand your request :?:


That was a web bot, spam. Don't worry about it.
Scotti
Moderator Team Member
 
Posts: 312
Joined: 2005-11-08 01:13

Postby bohu » 2005-12-28 15:32

Is it necessary to start Firestarter every time I log in? Or is Firestarter just used to edit some other thing that runs automatically?
---------- NRA certified pistol instructor, linux advocate, bookworm, pitbull enthusiast ----------
bohu
 
Posts: 83
Joined: 2005-12-27 22:35
Location: Southwest Missouri, near Branson

Postby domecq » 2005-12-28 15:52

Yes, it's necessary to start it every time you log in.
It has an option to start in the background and, alternatively, you can set it to start automatically in Gnome.

Domecq
domecq
Moderator Team Member
 
Posts: 560
Joined: 2005-10-18 00:53
Location: Montréal, Canada

Postby john_h » 2006-01-12 12:01

domecq wrote: Yes, it's necessary to start it every time you log in.
It has an option to start in the background and, alternatively, you can set it to start automatically in Gnome.

Are you sure that's correct? IIRC, when I installed Firestarter (apt-getting from the Debian repository) it added start-up files to /etc/init.d so that the firewall starts on boot-up.

What doesn't start up, unless you do it manually or add it to your Gnome start-up or whatever, is the GUI front-end that you can use for configuration and that will also display a "jagged lightning" icon in your systray whenever it intercepts a packet.
john_h
 
Posts: 220
Joined: 2005-11-17 13:01

firewalls in general

Postby aaronhoy » 2006-01-13 23:29

What do you really need a firewall for anyway? Someone please correct me if I'm wrong, but from my understanding a firewall just blocks all the ports except for the ones you will be using (like 80) to keep anyone from accessing your computer through some normally not used port without you knowing. What I want to know is, what do you have programs listening on these extra ports for anyway? If someone tried to make a socket connection on a port that you don't have a process listening on, nothing will happen. The only way for them to make a connection is if you have a process listening on that port. I don't understand why any programs would be doing so....
aaronhoy
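
Added example, not part of any post in this thread: which ports actually have a process listening can be read from the kernel's TCP socket table. This Python sketch parses text in the /proc/net/tcp layout and reports listening sockets and whether each is reachable from other hosts; the sample rows are constructed, and the address decoding assumes a little-endian host.

```python
import socket
import struct

# Constructed sample in the /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1
   2: 0A01A8C0:0016 0501A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 1003 1
"""

TCP_LISTEN = "0A"  # socket state code the kernel prints for LISTEN


def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port); assumes a little-endian host."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def listening_sockets(table_text):
    """Return sorted (port, bind_address, scope) tuples for sockets in LISTEN state."""
    found = []
    for line in table_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue                              # established etc. are not listeners
        ip, port = decode_addr(fields[1])
        if ip == "0.0.0.0":
            scope = "all interfaces"              # reachable from the network
        elif ip.startswith("127."):
            scope = "loopback only"               # local processes only
        else:
            scope = "one interface"
        found.append((port, ip, scope))
    return sorted(found)


if __name__ == "__main__":
    for port, ip, scope in listening_sockets(SAMPLE):
        print(f"tcp/{port:<5} bound to {ip:<15} ({scope})")
```

A listener bound to all interfaces is what a packet filter would be shielding; one bound to loopback is not reachable from other machines either way.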
 

Postby ikkuh » 2006-01-17 14:38

What about logging all those socket connections on ports that aren't in use?
Also, what if I want to give only a specific IP range/address access to one of my services?
Also, what if I want to be able to block all traffic from some IP that has been trying to brute-force my ssh login? All these things, among many others like bandwidth q's and DDOS protection.
So apart from only locking down unused ports, packet filters are doing much more than that. Also, there exist really advanced proxy firewalls that actually filter on the content of a packet instead of just the source and destination (they operate on a different OSI layer).

If you have no internet access, there is no need for a firewall.
If you do, I do strongly recommend running one, with a simple setup, logging portscans and login attempts, so you are able to monitor them and deny access to those addresses.
ikkuh
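
Added example, not part of any post in this thread: one way to turn logged login attempts into a list of addresses to deny, as described in the post above. It scans sshd "Failed password" lines for sources that fail repeatedly within a short window and skips a trusted range; the log lines, the trusted LAN range, the thresholds and the year are all constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd log lines using documentation address ranges, not real traffic.
SAMPLE_LOG = """\
Jan 17 14:01:02 box sshd[811]: Failed password for root from 203.0.113.7 port 40110 ssh2
Jan 17 14:01:04 box sshd[813]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jan 17 14:01:05 box sshd[815]: Failed password for root from 192.168.1.5 port 50000 ssh2
Jan 17 14:01:07 box sshd[817]: Failed password for invalid user test from 203.0.113.7 port 40114 ssh2
Jan 17 14:01:09 box sshd[819]: Accepted password for mr from 192.168.1.5 port 50002 ssh2
Jan 17 14:20:00 box sshd[901]: Failed password for root from 198.51.100.9 port 33000 ssh2
Jan 17 15:40:00 box sshd[955]: Failed password for root from 198.51.100.9 port 33002 ssh2
Jan 17 17:05:00 box sshd[990]: Failed password for root from 198.51.100.9 port 33004 ssh2
"""

FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")


def addresses_to_deny(log_text, threshold=3, window_s=60,
                      trusted=("192.168.1.0/24",), year=2006):
    """Return sorted sources with >= threshold failed logins inside window_s seconds."""
    trusted_nets = [ipaddress.ip_network(n) for n in trusted]
    recent = defaultdict(deque)          # source address -> recent failure times
    flagged = set()
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue                     # accepted logins and other messages
        # syslog stamps carry no year, so an assumed one is supplied
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        addr = ipaddress.ip_address(m.group(2))
        if any(addr in net for net in trusted_nets):
            continue                     # never flag the trusted range
        times = recent[addr]
        times.append(when)
        while when - times[0] > timedelta(seconds=window_s):
            times.popleft()              # drop failures older than the window
        if len(times) >= threshold:
            flagged.add(str(addr))
    return sorted(flagged)


if __name__ == "__main__":
    print(addresses_to_deny(SAMPLE_LOG))
```

The window matters: the source that fails three times over several hours is only flagged when the window is widened, while the trusted LAN address is never flagged.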
 

Postby clydefrog » 2006-01-19 16:39

As has been posted before, if you are behind a router with some kind of software or hardware firewall (such as NAT - Network Address Translation), then you really don't _need_ a firewall unless you want added filtering as ikkuh is suggesting.

However, those ports that you do let through the router (I for example, let web, webmin, ssh, etc, traffic through), you should monitor those ports using an intrusion detection system like snort. I go a further step by monitoring file integrity using samhain to keep a check in case files have been modified without my consent.
clydefrog
 
Posts: 20
Joined: 2006-01-19 15:51
Location: Norwich UK

Postby Lavene » 2006-01-19 20:20

john_h wrote:
domecq wrote: Yes, it's necessary to start it every time you log in.
It has an option to start in the background and, alternatively, you can set it to start automatically in Gnome.

Are you sure that's correct? IIRC, when I installed Firestarter (apt-getting from the Debian repository) it added start-up files to /etc/init.d so that the firewall starts on boot-up.


I'm using Firestarter and just want to confirm that it starts automatically at boot. I'm maybe a bit paranoid since I'm behind a router/firewall, but I just feel uncomfortable without running a local firewall on each machine on my network. And it doesn't eat that many extra CPU cycles.

Tina
Lavene
Site admin
 
Posts: 5096
Joined: 2006-01-04 04:26
Location: Oslo, Norway

Postby Guest » 2006-01-19 21:22

Has anyone tried Edinaldo La-Roque's Xfwall?
viewtopic.php?t=3167
It looks like it is very polished and easy to use and configure.
I just got the Debian package and will try it out this weekend.
Guest
 
