Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
This is a n00b question, I know, but I'm kinda in a crunch and haven't had to deal with this before. I have a box that I built for a friend, PIII with Ubuntu. I don't know if they're going to continue with dial-up or switch to broadband - but I need to put something on this box that will give them SOME protection vs. open internet ports. I am basically looking for something that would do the same job as Windows Firewall on a Windows box.
I don't know, maybe it's as simple as closing ALL of the ports on the box and only leaving the ones open for HTTP and SMTP/POP, since that's all they want the box for, anyway. And I should know those ports and how to close them. But I'm kinda under the gun here and don't have a lot of time to do the research - IF I CAN GET THIS DONE. Of course, if I can't get an answer, I'll have to put them off for a few more days until I have the time do get the reading done. Gotta love two small kids tag-teaming Daddy while he's trying to work.
Anyway, if I can get some help, I'll be grateful. And if this post gets trashed or flamed, I'll understand.
*** EDIT ***
One thing I forgot to mention, all this friend is going to have is the one box connected directly to the internet. There is no second box or router to act as a firewall.
*** END EDIT ***
Well I would recommend using IPTables on that Ubuntu box. Most likely the support is enabled by default in the kernel. I know you don't have time to read but there are many prebuilt scripts on the internet that you could use. If you are looking for something simple I would just recommend dropping all incoming connections that are NEW and allow only ESTABLISHED,RELATED connections back in. If you need the actual rules, let me know. But like I said google will contain most of your answers
Many thanks to Centinul and uselpa - both had good suggestions, IMO.
I believe I'll go with the IPTables option though.
And, just to clarify, I DO have time to read up on how to implement AN option, just not the time to sit and read through MANY options to determine what is available, which is best, which is easiest, etc.
So, I'll be doing a bit of reading on IPTables this afternoon and hopefully get the computer to these folks before Easter...