LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-11-2006, 12:19 AM   #1
taiwf
Member
 
Registered: Jun 2005
Distribution: debian, ubuntu, redhat,knoppix
Posts: 194

Rep: Reputation: 31
application layer firewall in linux?


HI,

I am looking for decent application firewall package. Can anyone give me some recommendation? I currently using iptables but it only does layer3 filter. I am looking for firewall can easily block messenger (or similiar chat program).


thx


chris
 
Old 04-11-2006, 01:52 AM   #2
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
you want to block by application rather than port/socket?

A simple google, or a repo check, will turn up a number of firewall tools, like firestarter and shorewall ... so distro and what you've tried would be good info here. I usd to use a commercial one: zonealarm ... at the time there was a linux varient (gratis for home use only) but, it seems, no more. However, if this is the sort of thing you want, have a look at:
http://www.linuxquestions.org/linux/...larm_for_Linux
 
Old 04-11-2006, 01:59 AM   #3
taiwf
Member
 
Registered: Jun 2005
Distribution: debian, ubuntu, redhat,knoppix
Posts: 194

Original Poster
Rep: Reputation: 31
I thought both firestarter and shorewall are iptables based firewall which mean its only L3 packet filtering right (i presume they just add an GUI on iptables )? Zonealrm i never see before in linux port but will look up more although it appear to me more for workstation then a server (which is what i used).

Sorry that forgot to inc the distro i use. I am using debian sarge 3.1 .
 
Old 04-11-2006, 02:40 AM   #4
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
firestarter also lets you view and manage active processes via a gui - xchat is one of the examples used on the site: http://www.fs-security.com/

The link I sent you should be inspected too.

Quote:
It is well-known that firewalls can be loosely categorized into proxies and packet filters. The latter "know" the application-level protocols such as telnet, HTTP or SMTP and can inspect the protocol payloads and verify the commands. This comes at a significant performance penalty since packets have to be processed higher in the network protocol stack in application layer.
... if this sounds like what you would like. See: http://www.securityfocus.com/infocus/1531

It's just that when folk want application layer controls they are usually just wanting zone-alarm/windows style firewall interface.
 
Old 04-11-2006, 04:54 AM   #5
shame
Member
 
Registered: Apr 2006
Location: England
Distribution: Debian Sidux - openSUSE
Posts: 261

Rep: Reputation: 30
Firestarter and Guarddog allow you to block certain protocols, which would allow you to block yahoo messenger and other chat programs.
There is one application based firewall for linux that I know of - TuxGuardian - http://tuxguardian.sourceforge.net/
Quote:
With TuxGuardian you'll be able to implement access control policies to the network resources in order to identify and control every application that tries to access the network.
I tried it many months ago and couldn't get the dependencies sorted out but I'm thinking of giving it another go.

Last edited by shame; 04-11-2006 at 04:55 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
DVD Drives - Dual Layer or double layer? Groundhog1248 Linux - Hardware 2 09-23-2009 09:30 PM
Application Layer Packet Classifier for Linux (l7-filter) stomach Linux - Software 1 09-10-2005 01:04 AM
Dual Layer ISO onto 2 Single Layer Medias iammike Suse/Novell 3 05-11-2005 05:15 PM
Application layer firewalls TheIrish Linux - Security 1 06-16-2004 03:52 AM
I need a Linux Content/Application Filtering Firewall rootking Linux - Networking 1 10-18-2003 07:39 AM


All times are GMT -5. The time now is 06:16 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration