LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-27-2007, 03:50 AM   #1
anasmich
Member
 
Registered: Apr 2007
Location: Caspian sea & China
Distribution: FC7 XP Ubuntu
Posts: 111

Rep: Reputation: 15
Fire wall and black ice


Hi all
When I us Xp at home I always run the black ice and it all the time notifies me that I’m under attack and shows the attacker IP so I can block it
Is there any similar software for Linux? Or do I need to modify the fire wall? And how?
RGD
 
Old 06-27-2007, 04:25 AM   #2
SkyEye
Member
 
Registered: Sep 2005
Location: Sri Lanka
Distribution: Fedora (workstations), CentOS (servers), Arch, Mint, Ubuntu, and a few more.
Posts: 441

Rep: Reputation: 40
Quote:
Originally Posted by anasmich
Hi all
When I us Xp at home I always run the black ice and it all the time notifies me that I’m under attack and shows the attacker IP so I can block it
I don't see why you need such a software for Linux if you are properly using Netfilter/IPTables (which is included in the kernel itself). It's a firewall in simple terms and you know the rest. You don't have to manually block attackers.

Anyway if you still prefer alerts you might want to install an IDS like Snort, may be with a supporting GUI frontend too.

EDIT: If you want help on IPTables, you can post here (LQ.org) about it (if you thikn it's unanswered in earlier LQ posts)

Last edited by SkyEye; 06-27-2007 at 04:37 AM.
 
Old 06-27-2007, 04:27 AM   #3
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
There may be a "ready" piece of software for this, search if you like. I find two ways (at least) of doing this: one way is to have iptables log the traffic, or part of it, that is coming and then have some program scan trough that (real-time) log information and try to identify "attacks", and then do something about it. Another way is to have a program listen to the traffic all the time (like tcpdump) and scan that output. There surely is some software available, at least to do stuff like ignore traffic that seems hostile. Google, Altavista and other search engines help you out.
 
Old 06-27-2007, 04:51 AM   #4
anasmich
Member
 
Registered: Apr 2007
Location: Caspian sea & China
Distribution: FC7 XP Ubuntu
Posts: 111

Original Poster
Rep: Reputation: 15
Thank you guys!
Iptable who to run it from FC6? it will effect other chat program like messenger and skype?

thanks again
 
Old 06-27-2007, 06:09 AM   #5
SkyEye
Member
 
Registered: Sep 2005
Location: Sri Lanka
Distribution: Fedora (workstations), CentOS (servers), Arch, Mint, Ubuntu, and a few more.
Posts: 441

Rep: Reputation: 40
You already have IPTables active in FC6. You just have to give the rules you need. Luckily FC6 have a simple tool to edit firewall settings easily.

Go to menu System --> Administration --> Security Level & Firewall.

Set firewall enabled, and specify things you do not want to block. Some programs might need have non-filtered ports. If to enter them too (in other ports section). This is the easy way. Otherwise install a program like FireStarter. It'll be more flexible. But if you want total control, command line tool is the best.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
fire wall berrance Red Hat 2 08-21-2004 11:55 AM
Do I need a fire wall? shanenin Linux - Security 9 12-11-2003 01:21 AM
how do i get through a fire wall pureskater561 Linux - Security 2 11-04-2003 09:48 AM
fire wall question newlinuxguy Linux - Networking 1 12-26-2002 06:09 PM
Going through the great [fire]wall bxb32001 General 26 10-19-2002 09:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:04 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration