LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   firewall newbie question (https://www.linuxquestions.org/questions/linux-security-4/firewall-newbie-question-82509/)

matador 08-16-2003 07:25 AM
firewall newbie question
 
I've used Linux (MDK 9.1 at the moment) for quite a while alongside with MS. The more I use it the more I start liking the progs. I have read a lot of info about how to install firewall, iptables etc but what I'm asking myself now is how important a firewall actually is. I'm online always, file sharing (k-lite, xmule, ftp-server, ssh-server), which also exposes me to viruses. So I guess I'm asking for your opinion or info on the need of a firewall and virus protection (could spread it to friends using other more vulnerable systems).

/thanks

leonscape 08-16-2003 08:01 AM
FIrewalls, are important. if your connected for long periods even more so.

Their fairly easy to set up. I use KDE and theirs a good program called Guarddog that a GUI to itables.

markus1982 08-16-2003 10:09 AM
Well I prefer writing my netfilter code (= firewall) myself ... I do not want to trust a GUI :-)

matador 08-16-2003 10:59 AM
Well it seems as if a firewall is important. I'm not sure I have the time at the moment (studies...) to build up a netfilter code at the momnent (I would like to do it though). Plus I'm a bit scared of locking my computer, getting more probs than benefits (not saying a GUI wouldn't do that aswell).

So I guess I'm gonna go for a GUI. I've heard a lot about Guarddog and the documentation seems rather good, but does it work on windowmaker or just on KDE? I've heard about some others such as smoothwall and Astaro but they seem to take over the computer changing it into a router.

And what about viruses?

leonscape 08-16-2003 11:07 AM
Hmmm Guarddog would require some of the KDE libs for display.

It doesn't take over as its a GUI for setting the computers filters etc. Its pretty hot on the protocols so it locks lots of things down. Took me ages to get the real player working :)

As for anti-virus programs, I don't have any. There are a few about but Linux doesn't suffer that much from them. I been running Linux about 6 years and never seen a virus.

I've had about seven in WIndows.

matador 08-16-2003 11:25 AM
I'm using windowmaker but I have KDE installed on the puter. So it should work, or?

I guess the only reason to have a virusprogram is to recognize if a file is infected so that I don't spread it to a MS user. On the other hand they can have it! :D

markus1982 08-16-2003 12:36 PM
If you want to go for antivirus give clamav and amavisd-new a look. They can be easily integrated with Postfix for instance.

matador 08-16-2003 12:47 PM
I'll check them out. It feels better having one. Thanks!

leonscape 08-16-2003 01:27 PM
If you've got KDE installed then Guarddog should work fine.

matador 08-16-2003 01:36 PM
Cool! Then I got some installations ahead of me! But there's some serious partying and bar-work attending to first. Remembering what happened last time I did repartitioning/installation at 4am after partying; perhaps I should wait untill tomorrow...

slapNUT 08-16-2003 08:19 PM
Since you are using Mandrake just start the mandrake control panel click on security then on firewall. If the shorewall packages are not installed it will install them. You could even do it drunk!

matador 08-17-2003 06:35 AM
Wow, I'm surprised how easy it was configuring guarddog. Rpm -ivh, start, click, click, done? Forgot the DNS access, click, et voilą!

I guess it's too late switching to smoothwall now. But I'll try it in a few weeks when the Mandrake 9.2 is released. Is it somewhat like guarddog, i.e. easy but still ~safe?

yocompia 08-17-2003 02:03 PM
just for the sake of encouraging use of iptables, i suggest you use the following for your base iptables:

NOTE: substitute your network interface (ppp0 if you use PPPOE) for eth0

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -p ALL -i lo -j ACCEPT

iptables -A INPUT -p ALL -i eth0 -m state --state ESTABLISHED, RELATED -j ACCEPT

iptables -A INPUT -p TCP -i eth0 -s 0/0 --destination-port 22 -j ACCEPT

iptables -A OUTPUT -p ALL -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p ALL -o eth0 -j ACCEPT

this just makes sure that nobody makes new connections to your computer via the state-matching rule. it's a really basic firewall that doesn't watch for certain funny packets and i'm sure the guarddog firewall is better out of the box, but a real understanding of iptables is a very useful tool to possess.

all you need to do is put this into a script where mandrake 9.1 will load it from on boot (i don't know where it is...).

gl,
y-p

matador 08-18-2003 10:46 AM
Thanks man!

I definetely want to learn how to set up an iptables firewall. It's just my *blody* finals right now :jawa: so I guess guarddog does the job until I have time to read all the howtos.


All times are GMT -5. The time now is 04:16 AM.