LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   firewall config questions (https://www.linuxquestions.org/questions/linux-security-4/firewall-config-questions-187318/)

robhargreaves 05-29-2004 09:29 AM
firewall config questions
 
Hi

I have been scouring the internet looking for information on how to secure my Slack setup ofr use on the internet.

I only plan on using the setup to -

email -

a: Crossover Office Outlook
b: Kontact, maybe evolution to see what they are like.

internet -

c: FireFox

webcam -

d: motion

The resources I have looked at - searching on this site and on the ldp mainly give me information on setting up a system to have a server and a workstation. I have a USB ADSL modem which I wish to use on the same system as the software I will be using for all access.

I have heard there are apps available to configure iptables and ipchain out there but would like to configure them myself if possible.

I guess it is along the lines of -

1: IP address setup - (my internet provider will supply this)
2: Assessing the ports needed for incoming and outgoing traffic specifically for the apps listed above.
3: Ensuring only the services running are those needed. (eg - no apache or sql server if I arent using these which I arent.)

can you tell me where to find a step by step to do this please.

Many Thanks.

Rob

jimrt 05-29-2004 09:41 PM
Its a bit complicated, but when I first started playing with iptables, I used this document http://iptables-tutorial.frozentux.n...-tutorial.html

When setting up your firewall I wouldn't worry too much about limiting outbound connections (at least for now, you can also play with restricting outbound traffic later.) Instead, decide what types of inbound traffic you need to allow (i.e. what services do you want your machine to provide to others) and go from there.

This is what I like to start with for a basic firewall on a desktop machine

1. Allow all inbound and outbound traffic on the loopback interface
2. Allow all outbound connections and related connections (i.e. you want to allow incoming traffic realted to outbound connections you've established)
3. DROP all other inbound connections

I would start with something like this, test it, and tweak it as needed
If I can be of any help, please let me know.

robhargreaves 05-30-2004 05:46 AM
Thanks Jim I will give it a go


All times are GMT -5. The time now is 04:13 AM.