What's up folks??

I'm a semi-new user to Linux. I've been messing with it for a little more than two years,,and am fairly comfortable in X using windowmaker. After experimenting with an ungodly number of distros (from "popular" to "where the hell did this come from"), i've found Suse to be the distro I'd trust most.

Anyway, my question, regarding firewalls, is coming from someone who is used to using a program such as "BlackIce defender" in Windows. Complete Gui. Multiple security levels from minor to intensive, and with built in IDS.


What I need to ask is:
Is slackware secure? Can I leave my computer on 24/7 with a broadband connection and not have to worry about comprimising intrusions? Of all distros, Suse seems to be the safest to me since the config. for it is gui based (choosing available services for example), and it's "cute" because you can watch it initialize the firewall in a 3 phase process while the kernel loads.

Of various distros, i've also taken to slackware. I like running it, and I find it "fun" on various levels,,but not knowing what kind of, if any, firewall or security is present makes me run in fear! Watching my firewall program in windows display new lists daily of various probes and attacks from various IP's and stuff tells me that if I make a permanent switch to linux (because I hate bill gates and the whole microshaft corp.), i'm not going to be at all comfortable if I have to worry about security and firewall protection in general.


I hope I haven't put anybody to sleep ^_^
But i'm truly worried about this kind of thing, so any info. would be appreciated. What can I say, slack is awesome!

Thanks very very much in advance everyone. I promise I won't "talk your ears" off again in the future
--The Automator

I started a thread about the same thing asking if the SuSE built in firewall was sufficient. Despite the number of replies, none were helpful.

look at firestarter or
look at this tutorial
http://people.unix-fu.org/andreasson...-tutorial.html

good luck

"Slackware is the most secure distro, out of the box"
However this is not enough, you can not install any distro and just leave it. Take a day or two reading slackware hardening docs, and you'll have A VERY secure system. Here are some things you need to do:
Configure a good firewall,
Install snort that will automatically block IPs trying to scan/probe you
Install AIDE or tripwire or Demarc's pure secure to monitor your vital files
Configure tcp wrappers, /etc/hosts.deny (should be ALL:ALL) and then just give acces to hosts you trust in /etc/hosts.allow
Finally, but most important, turn off or uninstall al the services you don't need. Then run Nessus that will scan you and report all the possible risks.
After hardening my system i have only sshd running, nessus reports very low risk, and i still have to install snort and configure the firewall.
So if you don't need a service, close it. If you don't need any services, then you are very safe, cuz if there are no ports open, its very hard to get into a system.
In any case, most of the probing you get in windows are Script Kiddies using lame scripts.
When they come across a Linux box they will most likely look puzzled and move on to find another lamer sharing his whole drive C: running windows ME.
HTH
-NSKL

snort is too confusing.

snocked@linux:~> snort -dvi eth0
Initializing Output Plugins!
Log directory = /var/log/snort

Initializing Network Interface eth0
ERROR: OpenPcap() device eth0 open:
socket: Operation not permitted
Fatal Error, Quitting..
snocked@linux:~>

I've used slackware for quite a while now, and I'd have to say they're good about it being secure. A few of my good friends run 2 ISP's off Slackware servers and they havn't had a problem. I personally run a few slackware servers and have no problems either. I've had my boxes on Cable and now here at school on Dual OC3 and have nad no problems other than the occasional ./script kiddie floods and the such. Very stable and very worth it if you want a secure distro.

That one says my EXT_IF is empty. lol.

http://firestarter.sourceforge.net/

do yourself a favor and grab firestarter