FedoraThis forum is for the discussion of the Fedora Project.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Recently Ive been experimenting and getting to know a bit more of my linux security, so far as firewall stuff I had Firestarter running from the getgo in my FC3. I stumbled upon this Guarddog thingie and decided to see what it was. If I understand correctly my Linux comes with its own firewall thingie (something called iptables and other stuff) and all that Guarddog does is configure it nicely by editing something called rc.firewall.
Now does this means thats all it takes to keep my box secure? A simple tweaking of this rc.firewall file?
So what exactly does Firestarter? It loads its own rules or what? Ive noticed how it not only detects portcalls but it helps me identify'em.
Also, now that Ive tweaked rc.firewall using Guarddog, do I need to keep running Firestarter or could I live without it for now on?
The actual firewall is part of the Linux kernel (it's called iptables). You can see the current rules for it by typing /sbin/iptables -L. Firewall tools feed a ruleset to iptables. If you use more than one on the same system then things may get a bit confusing, that's all.
The rc.firewall file is probably specific to Guarddog.
>> Now does this means thats all it takes to keep my box secure? <<
In addition to utilising a firewall, you should also keep your system updated with the latest security patches etc - the typical option is to use YUM on FC3 to keep your system updated - you should also deploy strong passwords, disable any un-necessary services, use an ordinary limited-user account etc....
So, if I understand correctly now that I have rc.firewall properly configured by Guarddog I can ditch Firestarter, right? This might be a dangerous question but, is there any way I can check if my box is really secure? I heard of some security websites where they could check your ports and see if your box is secure, what sites are these? can they really be trusted? should I visit'em and see whats what with my firewall?
Thanx to those who have replied and to those who will reply.
You can go to some online scanner, there are many to choose from, e.g. www.grc.comwww.dslreports.com/scan/ just to name two. You could also get nmap from www.insecure.org and that way you can check your box yourself.
And yes you should only be running one firewall, so you should turn off either Guarddog or Firestarter, your choice.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
