Recommendations please - Firewall for desktop Linux station

Alan Browne-
Posted: Fri Jan 14, 2005 12:26 am    Post subject: Recommendations please - Firewall for desktop Linux station

Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.

I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

I did download Bastion, but for some strange reason the de-archiving is
taking a very long time... strange behavior... I don't trust it enough
to install it.

TIA.
Alan

Mark South
Posted: Fri Jan 14, 2005 12:41 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

On Thu, 13 Jan 2005 14:26:50 -0500, Alan Browne- wrote:

Quote:
Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.

A perfectly legitimate use for ML 10.1.

Quote:
I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

In order to answer this question, it would help to know what problems you
were having with the default firewall (or would it not install properly
for some reason?)

So, more information, please.
--
Mark South: World Citizen, Net Denizen

Bigbob
Posted: Fri Jan 14, 2005 3:21 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

Alan Browne- wrote:

Quote:

Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.

I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

I did download Bastion, but for some strange reason the de-archiving is
taking a very long time... strange behavior... I don't trust it enough
to install it.

TIA.
Alan

Try Kmyfirewall

Jean-David Beyer
Posted: Fri Jan 14, 2005 4:18 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

Alan Browne- wrote:
Quote:

Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.

I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

I did download Bastion, but for some strange reason the de-archiving is
taking a very long time... strange behavior... I don't trust it enough
to install it.

Why not just set up a firewall using iptables?



--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key: 9A2FC99A Registered Machine 241939.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 18:15:00 up 13 days, 7:34, 3 users, load average: 3.06, 3.16, 3.18

John Thompson
Posted: Fri Jan 14, 2005 9:07 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

["Followup-To:" header set to comp.os.linux.misc.]
On 2005-01-13, Alan Browne- <alan.browne@FreelunchVideotron.ca> wrote:

Quote:
Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.

I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

Doesn't Mandrake include iptables? That's as good a firewall as any out
there.

--

John (john@os2.dhs.org)

Dave Stanton
Posted: Fri Jan 14, 2005 9:42 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

Quote:
I'd like to put up a firewall. Recommendations appreciated. Ideally, the
firewall would detect programs accessing the ethernet and then put up an
"allow/deny" question box. (Lazy? er, yes.).

I did download Bastion, but for some strange reason the de-archiving is
taking a very long time... strange behavior... I don't trust it enough to
install it.

TIA.
Alan

If you want a gui for iptables, try Guarddog.

Dave

--
For what we are about to balls up may common sense prevent us doing it
again in the future!!

Alexander Skwar
Posted: Fri Jan 14, 2005 10:35 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

· Alan Browne- <alan.browne@FreelunchVideotron.ca>:

Quote:
I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

No, that's not the ideal solution. Normally, those "firewalls"
aren't needed at all.

Just configure your system so that only the required services are
accessible from the outside. After that, no "firewall" needed.

Alexander Skwar
--
"Flattery is all right -- if you don't inhale."
-- Adlai Stevenson

Erik
Posted: Fri Jan 14, 2005 9:18 pm    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

On Thu, 13 Jan 2005 18:18:24 -0500, Jean-David Beyer
<jdbeyer@exit109.com> wrote:

Quote:
Alan Browne- wrote:

Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.

I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

I did download Bastion, but for some strange reason the de-archiving is
taking a very long time... strange behavior... I don't trust it enough
to install it.

Why not just set up a firewall using iptables?

Can be done yes, but you'll need a lot of study... well maybe you need
to study anyhow, when setting up any box as an FW...
Bob Toxen's book is good I think.

http://www.realworldlinuxsecurity.com


Remember: when you roll your own, start with closing the FW for all
traffic. Then as a second step, start punching holes in it for only
the traffic you need, to the destinations you need.

So: DNS, outgoing PING traffic from only some maintenance machine,
http and mail (80,25,110) for everybody, FTP and Kazaa for only you
etc. etc.



fr gr

Erik
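
The two steps from the post above (close everything, then punch only the holes you need), narrowed to a single desktop rather than a gateway. This is an added example, not part of the original post. It prints a ruleset in iptables-restore format and applies nothing; build_ruleset and its port-list argument are names chosen for this example, and the default ports are the ones listed in the post.

```shell
#!/bin/sh
# Added example (not from the thread): emit a default-deny ruleset for a
# desktop in iptables-restore format. Nothing is applied by this script.

build_ruleset() {
    tcp_out="${1:-80 25 110}"   # outbound TCP holes: HTTP, SMTP, POP3
    # Reject anything that is not a port number before printing a rule.
    for port in $tcp_out; do
        case "$port" in
            ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "bad port: $port" >&2; return 1
        fi
    done
    cat <<'EOF'
*filter
# Step 1: close the firewall for all traffic.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Loopback stays open; local programs talk to each other over it.
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Replies to connections this host opened itself.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Step 2: punch holes, outbound only. DNS over UDP and TCP, then ping.
-A OUTPUT -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
EOF
    for port in $tcp_out; do
        printf '%s\n' "-A OUTPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Print the ruleset; check it with: build_ruleset | iptables-restore --test
build_ruleset "80 25 110"
```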

Ian Merrithew
Posted: Sat Jan 15, 2005 3:01 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

On Fri, 14 Jan 2005 04:42:05 +0000, Dave Stanton wrote:

Quote:
If you want a gui for iptables, try Guarddog.

Only catch being if you come across a webpage or some other internet
service that uses an oddball port. Guarddog is primarily based around
opening/closing specific ports, so access to the oddball port you want
will be disabled until you add a custom protocol to GD's list. BitTorrent
users who use ports other than 6881, for instance.

--
Ian Merrithew - ADM Systems Engineering
ian.merrithew "at" ieee.org

Alan Browne-
Posted: Sun Jan 16, 2005 4:00 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

Thanks everyone for your replies. I'll look into the iptables and see
what I learn.

Cheers,
Alan.

Alan Browne- wrote:
Quote:

Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.

I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).

I did download Bastion, but for some strange reason the de-archiving is
taking a very long time... strange behavior... I don't trust it enough
to install it.

TIA.
Alan


--
-- r.p.e.35mm user resource: http://www.aliasimages.com/rpe35mmur.htm
-- r.p.d.slr-systems: http://www.aliasimages.com/rpdslrsysur.htm
-- [SI] gallery & rulz: http://www.pbase.com/shootin
-- e-meil: there's no such thing as a FreeLunch.

Alan Browne-
Posted: Sun Jan 16, 2005 4:01 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

Mark South wrote:
Quote:
On Thu, 13 Jan 2005 14:26:50 -0500, Alan Browne- wrote:


Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail,
ng's, etc.


A perfectly legitimate use for ML 10.1.


I'd like to put up a firewall. Recommendations appreciated. Ideally,
the firewall would detect programs accessing the ethernet and then put
up an "allow/deny" question box. (Lazy? er, yes.).


In order to answer this question, it would help to know what problems you
were having with the default firewall (or would it not install properly
for some reason?)

....not knowing there is a default firewall appears to be one of my
problems... I'll look into the iptables ...

Cheers,
Alan

--
-- r.p.e.35mm user resource: http://www.aliasimages.com/rpe35mmur.htm
-- r.p.d.slr-systems: http://www.aliasimages.com/rpdslrsysur.htm
-- [SI] gallery & rulz: http://www.pbase.com/shootin
-- e-meil: there's no such thing as a FreeLunch.

Jose Maria Lopez Hernande
Posted: Sun Jan 16, 2005 8:27 pm    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

Mark South wrote:
Quote:
In order to answer this question, it would help to know what problems you
were having with the default firewall (or would it not install properly
for some reason?)

So, more information, please.

Use bastion-firewall from bgSEC, it's GPL :-)

--

Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"

Mark South
Posted: Mon Jan 17, 2005 11:44 pm    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

On Sun, 16 Jan 2005 16:27:48 +0100, Jose Maria Lopez Hernandez wrote:

Quote:
Mark South wrote:
In order to answer this question, it would help to know what problems you
were having with the default firewall (or would it not install properly
for some reason?)

So, more information, please.

Use bastion-firewall from bgSEC, it's GPL :-)

And it might be very nice, but Mandrake 10.1 sets up iptables by default
with generally sensible settings, so I was just wondering what problem
Alan was trying to solve with a different firewall. It turned out he was
thinking like a Symantec-on-Windows user, expecting the firewall to be
very talkative.
--
Mark South: World Citizen, Net Denizen

Jean-David Beyer
Posted: Tue Jan 18, 2005 1:35 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

Mark South wrote:
Quote:
On Sun, 16 Jan 2005 16:27:48 +0100, Jose Maria Lopez Hernandez wrote:


Mark South wrote:

In order to answer this question, it would help to know what problems you
were having with the default firewall (or would it not install properly
for some reason?)

So, more information, please.

Use bastion-firewall from bgSEC, it's GPL :-)


And it might be very nice, but Mandrake 10.1 sets up iptables by default
with generally sensible settings, so I was just wondering what problem
Alan was trying to solve with a different firewall. It turned out he was
thinking like a Symantec-on-Windows user, expecting the firewall to be
very talkative.

What kind of talk? Mine talks quite a bit:

Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=64.124.186.66
LEN=72 TOS=0x00 PREC=0x00 TTL=42 ID=0 DF PROTO=UDP
SPT=62309 DPT=53 LEN=52
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=212.187.170.2
LEN=72 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=UDP
SPT=43340 DPT=53 LEN=52
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=202.222.25.4
LEN=72 TOS=0x00 PREC=0x00 TTL=43 ID=0 DF PROTO=UDP
SPT=10847 DPT=53 LEN=52

Iptables can log anything you want. You could even log all incoming and
all outgoing messages if you did not have enough to read. I seriously do
not recommend that. I used to log all rejected incoming and outgoing
messages, but I had to turn off logging of rejected pings since there are
so many.

I get rashes of this stuff, all hitting my name server (which is not open
to the public). They come in bunches so while the SRC addresses are all
different, they are obviously part of a concerted attack. I.e., I will get
a couple of dozen of these, then a 10-minute break, then another batch
from the same IP addresses. It seems to me that a lot of machines have
been infected with some virus that launches these things regularly.

--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key: 9A2FC99A Registered Machine 241939.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 15:25:00 up 17 days, 4:45, 6 users, load average: 4.00, 4.04, 4.06
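
One way to pick the pattern described above (batches from many sources against one port, returning after a pause) out of iptables LOG output. This is an added example, not part of the original post. The function names, the burst threshold and the sample lines are constructed for illustration; the addresses come from the RFC 5737 documentation ranges.

```shell
#!/bin/sh
# Added example (not from the thread): group iptables LOG lines by minute
# and destination port, and list sources that come back in a later minute.

summarize_drops() {   # $1 = distinct sources per minute that count as a burst
    awk -v min_src="${1:-3}" '
    {
        src = proto = dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)   src   = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (src == "" || dpt == "") next        # e.g. ICMP lines carry no DPT
        svc = proto "/" dpt
        key = $1 " " $2 " " substr($3, 1, 5) " " svc    # "Jan 17 15:04 UDP/53"
        packets[key]++
        if (!((key, src) in seen)) {            # first packet from src in this bucket
            seen[key, src] = 1
            sources[key]++
            minutes[svc " " src]++
        }
    }
    END {
        for (key in packets)
            printf "%s packets=%d sources=%d%s\n", key, packets[key],
                   sources[key], (sources[key] >= min_src ? " BURST" : "")
        for (k in minutes)
            if (minutes[k] > 1) printf "repeat %s minutes=%d\n", k, minutes[k]
    }' | sort
}

sample_log() {   # constructed lines, RFC 5737 documentation addresses
    cat <<'EOF'
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=192.0.2.10 LEN=72 PROTO=UDP SPT=62309 DPT=53 LEN=52
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=198.51.100.7 LEN=72 PROTO=UDP SPT=43340 DPT=53 LEN=52
Jan 17 15:04:10: IPT In FIREWALL: IN=ppp0 SRC=203.0.113.4 LEN=72 PROTO=UDP SPT=10847 DPT=53 LEN=52
Jan 17 15:09:31: IPT In FIREWALL: IN=ppp0 SRC=203.0.113.99 LEN=48 PROTO=TCP SPT=4021 DPT=445 WINDOW=8192 SYN
Jan 17 15:14:12: IPT In FIREWALL: IN=ppp0 SRC=192.0.2.10 LEN=72 PROTO=UDP SPT=62311 DPT=53 LEN=52
Jan 17 15:14:12: IPT In FIREWALL: IN=ppp0 SRC=192.0.2.10 LEN=72 PROTO=UDP SPT=62312 DPT=53 LEN=52
Jan 17 15:14:12: IPT In FIREWALL: IN=ppp0 SRC=198.51.100.7 LEN=72 PROTO=UDP SPT=43341 DPT=53 LEN=52
Jan 17 15:14:13: IPT In FIREWALL: IN=ppp0 SRC=203.0.113.4 LEN=72 PROTO=UDP SPT=10848 DPT=53 LEN=52
EOF
}

sample_log | summarize_drops 3
```

Lines marked BURST are minutes in which at least the threshold number of distinct sources hit one port; the repeat lines name sources seen against the same port in more than one minute.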

Mark South
Posted: Tue Jan 18, 2005 8:25 am    Post subject: Re: Recommendations please - Firewall for desktop Linux stat

On Mon, 17 Jan 2005 15:35:19 -0500, Jean-David Beyer wrote:

Quote:
And it might be very nice, but Mandrake 10.1 sets up iptables by default
with generally sensible settings, so I was just wondering what problem
Alan was trying to solve with a different firewall. It turned out he was
thinking like a Symantec-on-Windows user, expecting the firewall to be
very talkative.

What kind of talk? Mine talks quite a bit:

I meant Symantec-like popping-messages-to-the-display kind of behaviour as
opposed to silently writing to the logs. But that was an inference on my
part anyway.

--
Mark South: World Citizen, Net Denizen

All times are GMT
Page 1 of 2