PDA

View Full Version : What's a good firewall 4 my hdinstall? Thanks!



ricardomardi
02-02-2004, 01:31 PM
Hi,

I'm reading everywhere I can to try to find out how to set up a good firewall on my knoppix hdinstall.

I tried reading the manuals, but if someone could please let me know of what you think is a good firewall 4 knoppix.

There must be many, I'd like to know what's the best flavour & where to get it from.

Any help would be GREATLY APRECIATED.

Thank you in advance!

R.

gowator
02-02-2004, 01:41 PM
Basically all firewalls are front ends to setting up IPTABLES
(This is good becuase its damnded hard)
Once you understand it then you can just use WEBMIN firewall to manipulate the IPTABLES....

However its a chicken/egg situation, you need a understanding of it to get it working and you gain understanding by having it working....

I quite like shorewall, it takes away the headache while letting you understand what its doing....

Its easy to disable if you set it up wrong as well which is an added bonus.
Shorewall has both very good documentation and very good quickstart guides which get it up and running quick.
Then its up to you to learn or not....

Eventually you might decide to ditch the firewall and set it up yourself becuase you have more control/understanding... but by then its played its use.

garyng
02-05-2004, 06:48 AM
First ask why do you need a firewall ? If it is the only machine you have and it is linux, you don't need one in general. there isn't that many hidden holes opened like Microsoft's.

A standard setup like knoppix may just have ssh port opened, not even remote X so you are already firewalled :-)

Unless you are worrying of those worms you accidentally downloaded taking over your machine and send things you don't know. But these worms again usually targets Windows and is not effective on linux at all.

But if you still think you need firewall, give shorewall a try. Its default setup should be enough for a most but don't be surprised that you can no longer access the net from your machine as its default is not allowing the machine running to reach the net ! and as gowator said, they are all just iptables wrappers.

ricardomardi
02-17-2004, 01:36 PM
Thank you gowator, I might try what you said, I apreciate your advice.

Hi garyng, thanks so much for your kind advice, I was relieved when I read your reply.
Really glad to read your comments.


Good luck guys!

Regards
R.

FelixDzerzhinsky
03-01-2004, 08:25 PM
Try bastille.

apt-get install bastille then follow the destructions.

I also had to

apt-get install pert-tk

to make it work.

After you install bastille you need to reboot (unusual in linux) for it to work.

Bastille teaches you about security while you go through the steps to set up the firewall.

After you install bastille or guarddog or your choice of firewall I recommend you go to:

www.grc.com

and give it the Shields Up Test.

Mine worked (after I rebooted bastille)

Loper
03-01-2004, 10:09 PM
I tried reading the manuals, but if someone could please let me know of what you think is a good firewall 4 knoppix.
I use Guarddog. It has a good front-end for very easy set up.

sn0wflake
03-27-2004, 03:07 PM
A router.

Max
03-28-2004, 03:03 AM
Firestarter?

garyng
03-29-2004, 06:16 PM
A router.

That is in general true but if one wants to play some nice tricks, a homebrew linux would have much more fun.

In fact, I am temped to buy a Linksys wireless router(which runs linux anyway) and load additional programs onto in making it becoming my home gateway to activate my various machines behind it when I am on the road(the electricity bill can be huge when having a number of today's power hungry machine on 24/7). A standard router just can't do this kind of thing :-)