LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-16-2005, 02:37 PM   #1
anti.corp
Member
 
Registered: Nov 2005
Location: Copenhagen
Distribution: Debian E, Vectorlinux 5.1std, Arch, Gentoo 2006.0
Posts: 576

Rep: Reputation: 30
Is a firewall neccesary?


Hi,

Im running slackware 10.2 on my work computer, now I just want to hear if it's necessary to install/configure a firewall on it?

Does Slackware have a 'build in' firewall? Or does it just offer better security than windows xp?

Earlier I used Fedora & Suse, they had 'build in firewalls' so I didn't think about the security that much

Is there any reason for getting paranoid about this?
 
Old 11-16-2005, 02:46 PM   #2
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 470Reputation: 470Reputation: 470Reputation: 470Reputation: 470
Slackware, as with all distros, comes with IPTables. That can be a little daunting, so grab Firestarter or GuardDog if you want a GUI frontend which makes things easier to configure.

And, if you are connecting to the internet, you definitely do need a firewall.
 
Old 11-16-2005, 02:48 PM   #3
tuxrules
Senior Member
 
Registered: Jun 2004
Location: Chicago
Distribution: Slackware64 -current
Posts: 1,144

Rep: Reputation: 56
I, for one, would say that you should. There are good gui-based firewall available for slackware. I've used firestarter. You can also check out guarddog if you are using KDE.

Tux,
 
Old 11-16-2005, 02:48 PM   #4
angel115
Member
 
Registered: Jul 2005
Location: France / Ireland
Distribution: Debian mainly, and Ubuntu
Posts: 532

Rep: Reputation: 78
All distribution has a buildin firewall it's called 'iptables'. The only thing you have to do is to set it up with your roule.
Check on the man pages or/and on the net you have plainty of site who will explain you how to set it up.
 
Old 11-16-2005, 03:53 PM   #5
anti.corp
Member
 
Registered: Nov 2005
Location: Copenhagen
Distribution: Debian E, Vectorlinux 5.1std, Arch, Gentoo 2006.0
Posts: 576

Original Poster
Rep: Reputation: 30
Thanks for sorting things out for me.

I just installed GuardDog & currently configuring it.
 
Old 11-17-2005, 10:57 AM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,148
Blog Entries: 4

Rep: Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716Reputation: 2716
I use a cable-modem connection and the first thing that's downstream from the modem is a firewall-equipped router.

Each of the computers downstream from the router also have their own firewalls enabled.

The purpose of a firewall is to separate what is "inside" from what is "outside." For example, you probably don't want someone in another continent to be able to print to your printer or to share your local files ... but without a firewall, that person in another continent is "local!" A firewall would filter that kind of traffic: packets from outside would not be allowed to come in, and these sort of packets could be exchanged on the local ("inside") network but would not be permitted to flow out.
 
Old 11-17-2005, 07:59 PM   #7
chemdawg
Member
 
Registered: Jan 2005
Distribution: Mandriva
Posts: 206

Rep: Reputation: 30
I use IPCop, it seems to work well. I guess the only disadvantage is that it requires its own box. What do you guys think of IPCop?
 
Old 11-17-2005, 09:32 PM   #8
Lleb_KCir
Senior Member
 
Registered: Nov 2003
Location: Orlando FL
Distribution: Debian
Posts: 1,765

Rep: Reputation: 45
Quote:
Originally posted by chemdawg
I use IPCop, it seems to work well. I guess the only disadvantage is that it requires its own box. What do you guys think of IPCop?
i use it at my house and at my office. i will not trade it for any other firewall ATM.

yes it uses its own stand alone box, but that is the best thing. 100% of the RAM and CPU time that IPCop uses has zero to do with the performance of my workstations or servers. my IPCop at the house is way over powered running on an old PII 2xx with 3xxM ram. the one i have at the office is also over powered, but i might increase the ram as i tend to push things more here at the office then at the house: PII 266 with 128M ram. i might up that to 256M ram as i am constantly at 90% ram usage due to the much heavier traffic at the office.

as for a firewall. iptables is hard to understand, but here is a great book i sujest buying and reading:

Linux Firewalls by Robert Ziegler. i have the 2nd edition, but there are newer vs out there. thankfully iptables has not changed enough since this book to matter, but what ever edition is out now, grab it. should run you between $30-50USD.

FYI, you can pick up an old PII for under $50 with 2 NICs and 128M ram and a 4-6G hard drive you are golden. best part about IPCop is it is a 50M CD that takes roughly 10-15min to install the complete firewall and you are up and running.
 
Old 11-18-2005, 12:21 PM   #9
chemdawg
Member
 
Registered: Jan 2005
Distribution: Mandriva
Posts: 206

Rep: Reputation: 30
Quote:
Originally posted by Lleb_KCir
i use it at my house and at my office. i will not trade it for any other firewall ATM.

yes it uses its own stand alone box, but that is the best thing. 100% of the RAM and CPU time that IPCop uses has zero to do with the performance of my workstations or servers. my IPCop at the house is way over powered running on an old PII 2xx with 3xxM ram. the one i have at the office is also over powered, but i might increase the ram as i tend to push things more here at the office then at the house: PII 266 with 128M ram. i might up that to 256M ram as i am constantly at 90% ram usage due to the much heavier traffic at the office.

as for a firewall. iptables is hard to understand, but here is a great book i sujest buying and reading:

Linux Firewalls by Robert Ziegler. i have the 2nd edition, but there are newer vs out there. thankfully iptables has not changed enough since this book to matter, but what ever edition is out now, grab it. should run you between $30-50USD.

FYI, you can pick up an old PII for under $50 with 2 NICs and 128M ram and a 4-6G hard drive you are golden. best part about IPCop is it is a 50M CD that takes roughly 10-15min to install the complete firewall and you are up and running.

I couldn't agree more with all you have said. Mine runs on an old Dell which I think has a celeron processor and 128 mb ram. Mine has a 4G hard drive, a cdrom, and a floppy drive. Mine has 4 NIC's since I run a server and a WAP on it as well. The best thing about it is that you don't need a monitor - all your maintenance can be done through any internet browser on any computer on your network. Not only that, but if you back up your settings on a floppy drive, you can re-install the whole thing to a completely new hard drive (in case of failure) by just putting in the cd and the floppy. Amazing.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
coping neccesary python files to chroot area dominant Linux - Security 6 12-17-2004 03:30 AM
Stripping Debian down to only neccesary applications SetAbomination Debian 7 11-29-2004 01:51 PM
slackware's /etc/rc.d/rc.firewall equivalent ||| firewall script startup win32sux Debian 1 03-06-2004 09:15 PM
is SASL neccesary? mooreted Linux - Software 1 02-22-2004 12:54 PM
Firewall Builder sample firewall policy file ? (.xml) nuwanguy Linux - Networking 0 09-13-2003 12:32 PM


All times are GMT -5. The time now is 09:43 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration