Is having a firewall a real necessity?

mr

#1 Post by mr »

Hey there. I'm currently running Debian sarge, and I've just finished installing almost everything I need.

One thing that I don't know if I'll bother with is a firewall. I assume that by simply not using Microsoft Windows and NOT being logged on as root my internet security level has increased by leaps and bounds... at least I think (plz correct me if I'm wrong).

I was thinking about installing Guarddog or Kmyfirewall, but I want to know if it's really a necessity. From experience I know firewall programs, at least in Windows, have a very nice "irritation potential", which I'd like to avoid, if possible.

Any thoughts are very welcome

Scotti
Moderator Team Member
Posts: 305
Joined: 2005-11-08 01:13

#2 Post by Scotti »

I think it partially depends on your home network setup. For example, I have my home computers running through a router. A router has a built-in firewall that you can set up to block incoming or outgoing ports, and for whichever computer.

If your computer is hooked directly up to your modem then I'd say look into setting up a firewall for safe measure. Some of the "default" Linux firewall programs are ipchains and iptables. Since I've never really needed a firewall on my local machine I've never bothered looking into these programs, but I've heard they do the job well.

Running Linux over Windows is a 1-up (ok maybe a 100-up) on system security, but it doesn't hurt to take the extra step and set up a firewall on Linux anyway. You'll probably learn something along the way as well. ;-)

inconnu
Posts: 55
Joined: 2005-09-04 05:56

#3 Post by inconnu »

I have very little experience with firewalls in GNU/Linux, but Firestarter seems to be a good one: http://www.fs-security.com/docs/tutorial.php Very easy to set up and use, and seems very reliable from what I've heard, and from my own experience with it. Irritation factor is vanishingly small.

Dren's got a good point about routers. But, even though I'm behind one, I decided to run Firestarter as well.
Debian GNU/Linux 3.1

mr

#4 Post by mr »

Oops, forgot to mention my setup. I am currently behind a LAN; the gateway is a Windows XP box running Internet sharing.

Now that I think about it, this might be worse than being directly connected with no firewall...

Thanks for the Firestarter tip, I'll look into it.

domecq
Moderator Team Member
Posts: 549
Joined: 2005-10-18 00:53
Location: Montréal, Canada

#5 Post by domecq »

Firewall is nice to have.
Since your gateway is a Windows box, it surely has a firewall running on it that protects the boxes underneath it.
As for your Linux box, it doesn't hurt to have another firewall installed. It works as extra protection from outside your network and as a way for you to set up a security control at the level of your internal network.
Firestarter is a nice firewall tool.

Cheers,

Domecq

mr
Posts: 16
Joined: 2005-12-28 08:01

Re: Sources

#6 Post by mr »

Anonymous wrote:
mr wrote: I'm currentlu running Debian sarge, and I've just finished installing almost everything I need.
I'd like to know about more sources of information about "everything". Thanks.

I'm sorry, but I didn't understand your request :?:

Scotti
Moderator Team Member
Posts: 305
Joined: 2005-11-08 01:13

Re: Sources

#7 Post by Scotti »

mr wrote:I'm sorry, but I didn't understand your request :?:
That was a web bot, spam. Don't worry about it.

bohu
Posts: 83
Joined: 2005-12-27 22:35
Location: Southwest Missouri, near Branson

#8 Post by bohu »

Is it necessary to start Firestarter every time I log in? Or is Firestarter just used to edit some other thing that runs automatically?
---------- NRA certified pistol instructor, linux advocate, bookworm, pitbull enthusiast ----------

domecq
Moderator Team Member
Posts: 549
Joined: 2005-10-18 00:53
Location: Montréal, Canada

#9 Post by domecq »

Yes, it's necessary to start it every time you log in.
It has an option to start in the background and, alternatively, you can choose to have it start automatically in Gnome.

Domecq

john_h
Posts: 218
Joined: 2005-11-17 13:01

#10 Post by john_h »

domecq wrote:Yes, it's necessary to start it every time you log in.
It has an option to start in the background and, alternatively, you can choose to have it start automatically in Gnome.
Are you sure that's correct? IIRC, when I installed Firestarter (apt-getting from the Debian repository) it added start-up files to /etc/init.d so that the firewall starts on boot-up.

What doesn't start up, unless you do it manually or add it to your Gnome start-up or whatever, is the GUI front-end that you can use for configuration and that will also display a "jagged lightning" icon in your systray whenever it intercepts a packet.

aaronhoy

firewalls in general

#11 Post by aaronhoy »

What do you really need a firewall for anyway? Someone please correct me if I'm wrong, but from my understanding a firewall just blocks all the ports except for the ones you will be using (like 80) to keep anyone from accessing your computer through some normally not used port without you knowing. What I want to know is, what do you have programs listening on these extra ports for anyway? If someone tried to make a socket connection on a port that you don't have a process listening on, nothing will happen. The only way for them to make a connection is if you have a process listening on that port. I don't understand why any programs would be doing so....

ikkuh

#12 Post by ikkuh »

What about logging all those socket connections on ports that aren't in use?
Also, what if I want to give only a specific IP range/address access to one of my services?
Also, what if I want to be able to block all traffic from some IP that has been trying to brute-force my ssh login? All these things, among many others like bandwidth q's and DDoS protection.
So apart from only locking down unused ports, packet filters are doing much more than that. There also exist really advanced proxy firewalls that actually filter on the content of a packet instead of just the source and destination (they operate on a different OSI layer).

If you have no internet access, there is no need for a firewall.
If you do, I strongly recommend running one, with a simple setup, logging portscans and login attempts, so you are able to monitor them and deny access to those addresses.

clydefrog
Posts: 20
Joined: 2006-01-19 15:51
Location: Norwich UK

#13 Post by clydefrog »

As has been posted before, if you are behind a router with some kind of software or hardware firewall (such as NAT - Network Address Translation), then you really don't _need_ a firewall unless you want added filtering as ikkuh is suggesting.

However, those ports that you do let through the router (I for example, let web, webmin, ssh, etc, traffic through), you should monitor those ports using an intrusion detection system like snort. I go a further step by monitoring file integrity using samhain to keep a check in case files have been modified without my consent.

Lavene
Site admin
Posts: 4958
Joined: 2006-01-04 04:26
Location: Oslo, Norway

#14 Post by Lavene »

john_h wrote:
domecq wrote:Yes, it's necessary to start it every time you log in.
It has an option to start in the background and, alternatively, you can choose to have it start automatically in Gnome.
Are you sure that's correct? IIRC, when I installed Firestarter (apt-getting from the Debian repository) it added start-up files to /etc/init.d so that the firewall starts on boot-up.
I'm using Firestarter and just want to confirm that it starts automatically at boot. I'm maybe a bit paranoid since I'm behind a router/firewall, but I just feel uncomfortable without running a local firewall on each machine on my network. And it doesn't eat that many extra CPU cycles.

Tina

Guest

#15 Post by Guest »

Has anyone tried Edinaldo La-Roque's Xfwall?
http://forums.debian.net/viewtopic.php?t=3167
It looks like it is very polished and easy to use and configure.
I just got the Debian package and will try it out this weekend.

nayoo
Posts: 316
Joined: 2006-03-28 01:51

#16 Post by nayoo »

I've installed Firestarter. It suits my needs precisely, and I am writing this follow-up note here so that someone who is new can benefit from it.

I am using Etch with kernel 2.6.15-1-686.

To install Firestarter:

 apt-get install firestarter
as root will do.

There is excellent documentation for Firestarter here (read this first).

It is extremely easy to set up and use. By default, all inbound connections are blocked but you are freely allowed to establish new connections. All the blocked connections are logged very clearly with their IP addresses. You can even view currently active connections with all IP addresses and port numbers in use. You can configure it more in depth according to your needs later on. I must say that it is very cool software. During the last 3 hours, Firestarter has blocked 313 inbound connections which I don't authorize, and out of 313, 303 are serious (uni campus LAN). This is the information I got from the Status tab in Firestarter. No harm at all, you should try it if you are looking for a firewall solution.

Regards,
N.O
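
Added example (not from any poster in this thread): the default nayoo describes above (inbound blocked, outbound allowed, blocked packets logged) combined with two of ikkuh's points from post #12 (a service limited to one address range, one offending address dropped), written directly as iptables rules. The function names, the 192.0.2.0/24 network and the 198.51.100.7 address are constructed placeholders; the script only prints the ruleset.

```sh
#!/bin/sh
# Added example: print an iptables-restore ruleset for the IPv4 filter table.
#   $1  network allowed to reach SSH   $2  SSH port   $3...  addresses to drop
# Every address used with this script on this page is a constructed placeholder.

is_ipv4() {
    # Reject anything but digits, dots and a slash (also spaces and newlines),
    # so an argument cannot smuggle extra rule text into the output.
    case $1 in ''|*[!0-9./]*) return 1;; esac
    # Shape check only; iptables-restore itself rejects out-of-range octets.
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

emit_rules() {
    [ "$#" -ge 2 ] || { echo "usage: emit_rules NET PORT [IP...]" >&2; return 1; }
    admin_net=$1; ssh_port=$2; shift 2
    is_ipv4 "$admin_net" || { echo "bad network: $admin_net" >&2; return 1; }
    case $ssh_port in ''|*[!0-9]*) echo "bad port: $ssh_port" >&2; return 1;; esac
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done

    echo '*filter'
    echo ':INPUT DROP [0:0]'       # inbound is dropped unless a rule accepts it
    echo ':FORWARD DROP [0:0]'     # this host does not route for others
    echo ':OUTPUT ACCEPT [0:0]'    # outbound connections are allowed
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # Blocked sources come before any rule that accepts new connections.
    for ip in "$@"; do
        echo "-A INPUT -s $ip -j DROP"
    done
    echo "-A INPUT -p tcp -s $admin_net --dport $ssh_port -m conntrack --ctstate NEW -j ACCEPT"
    # Rate-limited log line for whatever is about to fall through to DROP.
    echo '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "inbound-drop: "'
    echo 'COMMIT'
}
```

To check the output without loading it, run `emit_rules 192.0.2.0/24 22 198.51.100.7 | iptables-restore --test` as root.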

Bulkley
Posts: 6386
Joined: 2006-02-11 18:35
Has thanked: 2 times
Been thanked: 39 times

#17 Post by Bulkley »

Everyone should have some sort of firewall. You probably won't keep out a really skilled invader, but it will stop the script kiddy next door. I know some techs who have seen Linux servers invaded. It's not common, but it does happen, so a little precaution is advised.

I use Firestarter, which works admirably. And, yes Tina, it does start at boot up.

Turbo
Posts: 3
Joined: 2006-04-13 10:56

#18 Post by Turbo »

Firestarter is not a firewall itself, it's a frontend for iptables, the built-in Linux firewall.

And you indeed don't really need one if you're absolutely sure that nothing is listening, so no filesharing, nothing. Are you sure that is the case? If so, I'm sure you're wrong.
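
Added example (not from any poster in this thread): Turbo's question above, like aaronhoy's in post #11, comes down to what is actually listening and on which address. The script below sorts `ss -tln` output into loopback-only and network-reachable listeners; the function names and the sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example: sort TCP listeners from `ss -tln` output into "loopback only"
# and "reachable from the network". Expected columns:
#   State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

classify_listeners() {
    awk '$1 == "LISTEN" {
        port = $4; sub(/^.*:/, "", port)        # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)     # text before the last colon
        gsub(/\[|\]/, "", addr)                 # drop IPv6 brackets
        sub(/%.*$/, "", addr)                   # drop an interface scope (%eth0)
        if (addr ~ /^127\./ || addr == "::1") {
            scope = "loopback"
        } else if (addr == "0.0.0.0" || addr == "::" || addr == "*") {
            scope = "all-interfaces"
        } else {
            scope = "one-address"
        }
        print scope, addr, port
    }'
}

# Ports that accept connections from other machines, sorted and de-duplicated.
exposed_ports() {
    classify_listeners | awk '$1 != "loopback" { print $3 }' |
        sort -n -u | tr '\n' ' ' | sed 's/ $//'
}

# Constructed sample input (not captured from a real machine).
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      5      127.0.0.1:631      0.0.0.0:*
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
LISTEN 0      50     *:139              *:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      5      [::1]:631          [::]:*
LISTEN 0      50     192.168.1.20:445   0.0.0.0:*
EOF
}
```

On a live system, `ss -tln | exposed_ports` prints the ports other machines can connect to; an empty result means every TCP listener is bound to loopback.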

Bulkley
Posts: 6386
Joined: 2006-02-11 18:35
Has thanked: 2 times
Been thanked: 39 times

#19 Post by Bulkley »

Turbo wrote:Firestarter is not a firewall itself, it's a frontend for iptables, the built-in Linux firewall.
That makes sense. Anyway, Firestarter is easy to use and works well.
If so, I'm sure you're wrong.
Wrong about what?

ajdlinux
Posts: 2452
Joined: 2006-04-23 09:37
Location: Port Macquarie, NSW, Australia

#20 Post by ajdlinux »

I'm NATted and couldn't really care less about running a firewall. Of course if I did want one, it's only ever a few keystrokes away with apt-get.
