LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-20-2009, 10:42 AM   #1
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022
Blog Entries: 19

Rep: Reputation: 146Reputation: 146
Firestarter firewall configuration ?? error ??


Firestarter keeps blocking The IP Address x.x.x.x on different ports.

Ubuntu GNOME Network Manager Connection Information:
For Wireless Network Connection wlan0:
network (default)
IP Address: x.x.x.x
Broadcast Address: y.y.y.y
Subnet Mask: z.z.z.z
Default Route: o.o.o.o
Primary DNS: l.l.l.l
Secondary DNS: i.i.i.i

I want to be able to browse the Internet (HTTP?, HTTPS?)
Check my Mail using Thunderbird (POP3 SSL, SMTP)
Download Files using qBittorrent (ports x-x)
And let Ubuntu connect to the Internt for Updates.
I don't need anything else.
How do I configure Firestarter to do this?
Currently I have HTTP, HTTPS, POP3 SSL, SMTP and Bittorrent ports in the exception list for outbound and inbound connections whitelisted (allowed, only). Because of annoying alerts for blocked connections of my own IP address I whitelisted that (x.x.x.x). But it hasn't done anything. How do I configure Firestarter properly to protect my computer and let me do those things?
I'm a newbie at IP tables so please use Plain English so I can understand. I'm really confused? Thanks Much LQ. Most appreciated.
 
Old 12-20-2009, 12:11 PM   #2
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,070

Rep: Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897
Quote:
Originally Posted by leopard View Post
I'm a newbie at IP tables so please use Plain English so I can understand.
I'm sorry to give in to this but Please describe your problem adequately so that the rest of us have a chance of helping.

The information that you give with all of the addresses obfuscated is basically non-information after you have obscured all of the IP information (it makes sense to obscure the external IP given to you by your ISP, but I can't see why the rest would be at issue provided that you use an adress range that isn't routable on the internet - eg, 192.168.x.y or 10.x.y.z). Oh, and use code tags with anything like that, for readability.

I want to know what kind of connection this is (wired ethernet, wireless, USB, other) to what kind of device (does it have ethernet ports, is it a modem/router, is it a USB thumb device, does it have an internal firewall), and how is it configured (is it using DHCP, for example) what kind of internet connection this is (ADSL, wireless, ISDN, fibre, dial-up), what distribution you are using.

Whether you want to use plain English, fancy English, Esperanto, Klingon or binary is up to you, but one selection from the above will make the helpful kind of help more likely than others.

You could post your iptables rule set (use iptables-save to get it into a text file) and that might help.
 
Old 12-20-2009, 09:22 PM   #3
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022

Original Poster
Blog Entries: 19

Rep: Reputation: 146Reputation: 146
Smile

My apologies, salasi.

General Information:
I am using a Wireless Connection (wlan0). I also use an Ethernet connection as well (eth0). My Internet connection is cable, which goes through some type of "modem", and then from there: a Linksys G router. I am Using Ubuntu Karmic Koala 9.10.

I was too naive in my thinking this problem was trivial; I appreciate your reply.

Here is the information Ubuntu Network Manager reports (less obscured and in code tags):
Code:
Interface: 802.11 WiFi (wlan0)
Speed: 48 Mbps
Security: WPA/WPA2

IP Address: x.x.x.x
Broadcast Address: 192.168.z.z
Subnet Mask: 255.255.255.0
Default Route: 192.168.1.1
Primary DNS: 68.105.x.x
Secondary DNS: 68.105.x.x
I want to be as secure as possible; All I want to be able to do is:
  • Browse the Internet and download stuff (like programs) in Firefox.
  • Send/receive mail using Mozilla Thunderbird + Lightning.
  • Use qBittorrent and Transmission Bittorrent clients to download torrents off the Internet.
  • Allow Ubuntu to get and download updates.
  • And, use all of the repositories.

Here's my current firewall configuration, to make it easier:
  1. I have the Firestarter firewall configuration front-end/program, that I downloaded using Ubuntus' repositories.
  2. I configured it to allow inbound/outbound access to: HTTP, HTTPS, POP3, SMTP and qBittorrent.
  3. Allowed my IP Address x.x.x.x inbound/outbound access.
  4. Enabled ICMP filtering with nothing allowed.
  5. I have enabled DHCP. See Note in parentheses: (I don't know If I have DHCP or not, because Ubuntu doesn't say anything about it, but in Microsoft Windows. when I go to my connection info it says "IP Address: assigned by DHCP", which is why I enabled it.)
  6. Preferred method of rejecting packets: Drop Silently.
  7. And lastly, Blocked traffic broadcasts from external network.

As for iptables-save, it completed but I didn't know where it saved and I couldn't define my own path where to save it so I gave up. Instead I typed iptable --help and found iptables --list command, so here it is (x.x.x.x is my IP address, ISP is my internet service provider):
Code:
sudo iptables --list
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  cdns1.cox.net        anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN 
ACCEPT     udp  --  cdns1.ISP.net        anywhere            
ACCEPT     tcp  --  cdns6.ISP.net        anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN 
ACCEPT     udp  --  cdns6.ISP.net        anywhere            
ACCEPT     tcp  --  cdns2.ISP.net        anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN 
ACCEPT     udp  --  cdns2.ISP.net        anywhere            
ACCEPT     all  --  anywhere             anywhere            
LSI        udp  --  anywhere             anywhere            udp dpt:33434 
LSI        icmp --  anywhere             anywhere            
DROP       all  --  anywhere             255.255.255.255     
DROP       all  --  anywhere             192.168.1.255       
DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere            
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8 
DROP       all  --  255.255.255.255      anywhere            
DROP       all  --  anywhere             0.0.0.0             
DROP       all  --  anywhere             anywhere            state INVALID 
LSI        all  -f  anywhere             anywhere            limit: avg 10/min burst 5 
INBOUND    all  --  anywhere             anywhere            
LOG_FILTER  all  --  anywhere             anywhere            
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Input' 

Chain FORWARD (policy DROP)
target     prot opt source               destination         
LSI        udp  --  anywhere             anywhere            udp dpt:33434 
LSI        icmp --  anywhere             anywhere            
LOG_FILTER  all  --  anywhere             anywhere            
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Forward' 

Chain OUTPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  x.x.x.x        cdns1.ISP.net       tcp dpt:domain 
ACCEPT     udp  --  x.x.x.x        cdns1.ISP.net       udp dpt:domain 
ACCEPT     tcp  --  x.x.x.x        cdns6.ISP.net       tcp dpt:domain 
ACCEPT     udp  --  x.x.x.x        cdns6.ISP.net       udp dpt:domain 
ACCEPT     tcp  --  x.x.x.x        cdns2.ISP.net       tcp dpt:domain 
ACCEPT     udp  --  x.x.x.x        cdns2.ISP.net       udp dpt:domain 
ACCEPT     all  --  anywhere             anywhere            
DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere            
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8 
DROP       all  --  255.255.255.255      anywhere            
DROP       all  --  anywhere             0.0.0.0             
DROP       all  --  anywhere             anywhere            state INVALID 
OUTBOUND   all  --  anywhere             anywhere            
LOG_FILTER  all  --  anywhere             anywhere            
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Output' 

Chain INBOUND (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:6881:6889 
ACCEPT     udp  --  anywhere             anywhere            udp dpts:6881:6889 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:www 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:pop3 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:25 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:https 
LSI        all  --  anywhere             anywhere            

Chain LOG_FILTER (5 references)
target     prot opt source               destination         

Chain LSI (6 references)
target     prot opt source               destination         
LOG_FILTER  all  --  anywhere             anywhere            
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound ' 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN 
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound ' 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/RST 
LOG        icmp --  anywhere             anywhere            icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound ' 
DROP       icmp --  anywhere             anywhere            icmp echo-request 
LOG        all  --  anywhere             anywhere            limit: avg 5/sec burst 5 LOG level info prefix `Inbound ' 
DROP       all  --  anywhere             anywhere            

Chain LSO (1 references)
target     prot opt source               destination         
LOG_FILTER  all  --  anywhere             anywhere            
LOG        all  --  anywhere             anywhere            limit: avg 5/sec burst 5 LOG level info prefix `Outbound ' 
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable 

Chain OUTBOUND (1 references)
target     prot opt source               destination         
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:6881:6889 
ACCEPT     udp  --  anywhere             anywhere            udp dpts:6881:6889 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:www 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:pop3 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:25 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:https 
LSO        all  --  anywhere             anywhere
Sorry about the vague first post, I hope this one is better.

And to repeat my general problem with that configuration:
Firestarter keeps blocking connections from my IP Address, before I allowed it as an exception. Now I can't connect to the Internet with my firewall ON at all! [I'm not sure why]

So my main question is:
Whats is the best firewall configuration to allow me to do the things listed above, with maximum security?

Last edited by lupusarcanus; 12-20-2009 at 09:49 PM.
 
Old 12-21-2009, 05:31 AM   #4
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,070

Rep: Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897
Quote:
Originally Posted by leopard View Post
My apologies, salasi.
nothing really bad, its just not a good idea to tell people 'this is how you will respond' and then not doing a good job of providing the info they will need. Anyway, you subsequent post was a model of good information providing.

[QUOTE]
As for iptables-save, it completed but I didn't know where it saved and I couldn't define my own path where to save it so I gave up. Instead I typed iptable --help and found iptables --list [QUOTE]

that's fine:

My suspicion is immediately drawn to the lines like:

Code:
ACCEPT     tcp  --  cdns2.ISP.net        anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN
[/CODE]

What exactly were you hoping to achieve by the flag combination specifically?

Quote:
Sorry about the vague first post, I hope this one is better.
Much.

Quote:
So my main question is:
Whats is the best firewall configuration to allow me to do the things listed above, with maximum security?
Sorry that the rest of this answer isn't about your firewall rules, but:

I think that you are overcomplicating this and concentrating on the wrong risk: assuming everything is ethernet or ethernet-like (eg, wireless, but not a USB dongle) you will get all your traffic from your modem or modem/router and all the traffic will be packets that come from that device, but have the information encapsulated in them that say the are originally from somewhere else.

So, assuming that you have some level of control at your modem/router or modem, firstly take whatever control you can there. Usually there is some kind of simple firewall or access control system there and you should use it. At that point, with wired ethernet, if everything that you get comes from your modem/router that should cover the absolute basics.

For wireless, there is an additional risk. Someone local to you can send you packets (this might also apply to wired, if you don't have physical control of the location, but I assume that you do have that control, but if you turn out to be an enterprise that would be a bad assumption) and those packets could be crafted to do you harm.

So, you would like to ensure that you only get packets to your box from your m/r. Filtering to ensure that should be easy to get you head around. And you want to ensure that you have a good level of encryption on traffic between your box and the m/r (and WEP, rather than WPA, isn't that...I know that you haven't commented on that but you could get that wrong).

Also, ensure that your box only has the services that you really want to use listening: netstat -l will probably show up processes with which you are unfamiliar, but a combination of netstat -lt and netstat -lu should all be clear to you. Packets sent to ports for which there is no listening process should just be ignored; it does no harm to explicitly drop them in the firewall, but the big danger is that there is some process that you haven't thought about which will react to unwanted packets and that reactions might be 'bad'.

If you have services running that you know that you don't need, stop them. If you have services that you don't understand, start by understanding them.
 
Old 12-21-2009, 06:15 AM   #5
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022

Original Poster
Blog Entries: 19

Rep: Reputation: 146Reputation: 146
Quote:
What exactly were you hoping to achieve by the flag combination specifically?
I have no idea, the firewall configuration is done by Firestarter. A GUI tool.
Quote:
So, assuming that you have some level of control at your modem/router or modem, firstly take whatever control you can there. Usually there is some kind of simple firewall or access control system there and you should use it. At that point, with wired ethernet, if everything that you get comes from your modem/router that should cover the absolute basics.
I have implemented the best firewall I can there. For my router, there is only four check boxes under the firewall tab that I can implement. Currently, I implement all of them.
Quote:
For wireless, there is an additional risk. Someone local to you can send you packets (this might also apply to wired, if you don't have physical control of the location, but I assume that you do have that control, but if you turn out to be an enterprise that would be a bad assumption) and those packets could be crafted to do you harm.

So, you would like to ensure that you only get packets to your box from your m/r. Filtering to ensure that should be easy to get you head around. And you want to ensure that you have a good level of encryption on traffic between your box and the m/r (and WEP, rather than WPA, isn't that...I know that you haven't commented on that but you could get that wrong).
I have tried my hardest to ensure maximum wireless protection on my router, since it is usually how I connect to the internet. I use WPA2 TKIP+AES and a very complicated password, and MAC filtering. My router itself uses HTTPS and a strong login password to access, so I have paid much attention to this area.
Quote:
Also, ensure that your box only has the services that you really want to use listening: netstat -l will probably show up processes with which you are unfamiliar, but a combination of netstat -lt and netstat -lu should all be clear to you. Packets sent to ports for which there is no listening process should just be ignored; it does no harm to explicitly drop them in the firewall, but the big danger is that there is some process that you haven't thought about which will react to unwanted packets and that reactions might be 'bad'.
This is something I will be looking into more. I use my box solely for internet browsing, and downloading programs and stuff via Bittorrent, repositories, and Firefox.
I'm just very unsure in this area of what to do.

Quote:
If you have services running that you know that you don't need, stop them. If you have services that you don't understand, start by understanding them.
Finding & Defining what services I don't need is the tough part for me.

Also I have confirmed I connect to the internet using DHCP.


Although you have been a tremendous help salasi, the original question/topic remains as unsolved. I still can't figure out how to configure the firewall correctly.

Thanks ~
 
Old 12-21-2009, 02:34 PM   #6
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,070

Rep: Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897
Quote:
Originally Posted by leopard View Post
Although you have been a tremendous help salasi, the original question/topic remains as unsolved. I still can't figure out how to configure the firewall correctly....I have no idea, the firewall configuration is done by Firestarter. A GUI tool.
One of the disadvantages of a GUI tool; you don't necessarily know the detail of what it is trying to do for you as a result of the instructions that you give it.

You should, however, be able to get it to something simple, which is just get it to accept all of the packets that come from your router's IP address, without any of this messing around with what state the connection is in. You may subsequently want to elaborate things by doing something different with 'new' (packets/connections) than 'established' or 'related' ones, but it isn't necessarily needed, and certainly not trying to do any 'showboating', if I can call it that, is going to be the way to start - start simple and build up.


Quote:
I have implemented the best firewall I can there. For my router, there is only four check boxes under the firewall tab that I can implement. Currently, I implement all of them.
Good, because once packets start coming from that, it gets more difficult to do clever things with them. And once you've done that, you've done most of what can be done.

Quote:
I use WPA2 TKIP+AES and a very complicated password, and MAC filtering.
That (wpa2, plus strong password) covers most things.

Quote:
This is something I will be looking into more. I use my box solely for internet browsing, and downloading programs and stuff via Bittorrent, repositories, and Firefox.
I'm just very unsure in this area of what to do.
Any internet browsing is likely to use
  • port 80 (HTTP)
  • port 8080 (HTTP)
  • port 3128 (HTTP, if using an external cache)
  • port 443/tcp/udp/sctp # HTTPS
so just opening those ports up should allow browsing (nearly). depending on what you are doing with DNS, you'll probably have to open up port 53 (use dig to check whether DNS is working, as DNS is a pre-requisite for browsing-by-human-readable name, rather than by ip port).

You can find what port numbers are associated with a particular service from /etc/services

(eg 'cat /etc/services | grep - i domain', to search on the word domain, which (rather than DNS, apparently) is likely to be in any reference to DNS services)

Quote:
Finding & Defining what services I don't need is the tough part for me.

Also I have confirmed I connect to the internet using DHCP.
That's DHCP between your ISP and your modem (that is my interpretation; tell me if I have misunderstood), used for giving an ip to the internet side of the modem, and so is no concern for what goes on on your side of the modem. (You could also be using DHCP to hand out ip addresses on your side of the m/r, probably in the 192.168.x.y range, and that would be a different matter.)

Quote:
Although you have been a tremendous help salasi, the original question/topic remains as unsolved. I still can't figure out how to configure the firewall correctly.
I have the problem that I don't use that GUI (or any GUI) for firewall configuration, so I can't give you direct instructions on the use of the GUI tool.
 
Old 12-21-2009, 03:00 PM   #7
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022

Original Poster
Blog Entries: 19

Rep: Reputation: 146Reputation: 146
Alas, I must admit that when it comes to iptables and firewalls, I'm not much use on the old CLI. Firestarter seems to be the most comprehensive in terms of options.

Anyway, which IP addresses should I allow? I'm guessing the IP address that is assigned by DHCP, but is there another one I should allow?

I do appreciate your help salasi, I honestly do. Sorry if I sound too critical or rude.
 
Old 12-22-2009, 06:32 AM   #8
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,070

Rep: Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897Reputation: 897
Quote:
Originally Posted by leopard View Post
Anyway, which IP addresses should I allow? I'm guessing the IP address that is assigned by DHCP, but is there another one I should allow?
I go back to:

Quote:
That's DHCP between your ISP and your modem (that is my interpretation; tell me if I have misunderstood), used for giving an ip to the internet side of the modem, and so is no concern for what goes on on your side of the modem. (You could also be using DHCP to hand out ip addresses on your side of the m/r, probably in the 192.168.x.y range, and that would be a different matter.)
Interfaces have IP addresses. The external interface of your modem has an IP address assigned by dhcp (which is one of the options, but it doesn't really matter which one your ISP uses; they need to know the IP of your modem and deal with this by assigning it from their pool of IPs; the point is that however they have done it, they have done it and it is of little more concern to you unless and until you want to access your system from the outside world).

The internal interface has an IP. This is of concern to you, as this is the interface from which packets come. It is probably a 192.168.x.y and it is probably set up in a screen in the web interface of the modem/router box. You need to allow packets from that IP address, otherwise you will have nothing, as all the internet stuff comes from there.
 
Old 12-22-2009, 11:17 AM   #9
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by salasi View Post
The internal interface has an IP. This is of concern to you, as this is the interface from which packets come. It is probably a 192.168.x.y and it is probably set up in a screen in the web interface of the modem/router box. You need to allow packets from that IP address, otherwise you will have nothing, as all the internet stuff comes from there.
Why would any packets coming from the Internet side have the gateway's IP address on them when they reach leopard's box on the LAN? There is no need to specify the gateway address in any iptables rules meant to deal with Internet packets on LAN boxes. FWIW, this is what the INPUT chain on my PC looks like right now:
Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
28793   22M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4 prefix `INPUT DROP: '
As you can see, it's just three iptables rules. The first one allows packets in states RELATED and ESTABLISHED; the second one allows all traffic on the loopback interface; and the last one just logs all other packets right before they are filtered.

Last edited by win32sux; 12-23-2009 at 02:26 PM. Reason: There was a glitch in the matrix.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall and Firestarter petermadd Linux - Newbie 1 08-08-2009 03:01 AM
Firestarter Firewall shipon_97 Linux - Security 3 03-25-2006 07:21 AM
anybody using firestarter firewall? reddog Linux - Security 4 03-21-2006 08:44 AM
firestarter firewall thelenko Linux - Software 8 05-30-2004 03:01 AM
help with firestarter firewall luap Linux - Networking 1 03-15-2003 11:09 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration