LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-14-2005, 04:07 PM   #1
cd1680
Member
 
Registered: Mar 2005
Posts: 40

Rep: Reputation: 15
how to configure my firewall


hi i am totally new to linux.
i just installed fedora 3 and dont know how to configure its firewall.
i would like to open ports for gaim so i can send files and receive files to buddies.
also i would like to open ports for gtkgnutella so that it can download faster.
i have heard that firestarter is the best firewall, but i dont know if i have it or how can i install it. anyone help? thanks.
 
Old 03-14-2005, 05:10 PM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Firestarter isn't a firewall itself, but rather a graphical tool that allows you to configure iptables, the firewall system in Linux. Just try entering firestarter at the command line (you probably need to be root) and if you have it, it should start. Otherwise there are rpm's at the firestarter site.
 
Old 03-14-2005, 07:45 PM   #3
pattont
Member
 
Registered: Feb 2005
Location: Tennessee
Distribution: SUSE 9.2 Professional
Posts: 58

Rep: Reputation: 15
this work on suse i take it??
 
Old 03-14-2005, 08:13 PM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
It should. Neither iptables nor firestarter are dependant on any particular distro. In fact iptables is part of the kernel.
 
Old 03-14-2005, 08:55 PM   #5
cd1680
Member
 
Registered: Mar 2005
Posts: 40

Original Poster
Rep: Reputation: 15
thanks alot!
i got firestarter to work!
but i got another problem: how do i do port forwarding? my bittorent client requires this. help? thanks.
 
Old 03-14-2005, 09:54 PM   #6
penguinlnx
Member
 
Registered: Mar 2005
Location: Ice Station Alert AFB
Distribution: Gentoo
Posts: 166

Rep: Reputation: 30
Security HOWTO for newbies?

On this topic, is there a basic Primer or HOWTO that can
outline the necessary/desirable steps a Newbie should take
to secure his machine for simple websurfing?

Also, I know that there are thousands of spyware/virus/trojans
out there downloaded via popups or clicking on websites etc...
for Windows Operating systems. (90% of netsurfers).

Is there a similar danger, and/or specific (smaller #) of problems with Linux home systems?
What configurations/freeware is considered necessary by experienced Linux users?
It would be great if someone could post a tutorial or introduction to Linux-specific issues.
 
Old 03-15-2005, 07:22 AM   #7
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Quote:
Originally posted by cd1680
thanks alot!
i got firestarter to work!
but i got another problem: how do i do port forwarding? my bittorent client requires this. help? thanks.
If you are using this box as a router, I would suggest reading through this tutorial on how to set it up. I've never used Linux as a router, but I believe you would just have to set up proper rules in the FORWARD chain.

Quote:
On this topic, is there a basic Primer or HOWTO that can
outline the necessary/desirable steps a Newbie should take
to secure his machine for simple websurfing?
Off of the top of my head I don't know of one, but essentially you need to set up a simple firewall and a program like firestarter can help you do that. Beyond a firewall, you need to turn off the services that you're not using. For example, if you're not serving web pages, make sure that Apache is turned off. Have a look at the output of netstat -pantu and pay attention to the services that are listening. You can also run nmap to get similar information. Again, the idea is that if you don't need it, turn it off. For most distros, running the Bastille scripts can harden the machine as well, but I don't know if that is really needed for a casual use machine. Also be sure to keep your machine patched with the latest security realeases from your distro. A lot of time, potential security problems are patched very, very quickly.

In general, the virii, trojans, etc. out there in the wild don't affect Linux, but you do need a firewall and turning off unneeded services. That should keep you pretty safe. If you want to be a bit more paranoid, I would suggest installing a file integrity checker like Tripwire, Aide or Samhain.
 
Old 03-16-2005, 05:55 PM   #8
cd1680
Member
 
Registered: Mar 2005
Posts: 40

Original Poster
Rep: Reputation: 15
what do you mean by using linux as a router? all my computers are connected to the same router
 
Old 03-17-2005, 04:55 AM   #9
saugato
LQ Newbie
 
Registered: Jan 2005
Posts: 15

Rep: Reputation: 0
Talking USE IPCOP

I would suggest you download IPCOP from the net and install it, it is very easy with all the features of a full fleged firewall. It can be configured from a http based browser window. It gives you all the features and the ease to open ports.
 
Old 03-17-2005, 09:48 AM   #10
cd1680
Member
 
Registered: Mar 2005
Posts: 40

Original Poster
Rep: Reputation: 15
i hav firestarter installed and am using that as a firewall gui.
i know how to use a firewall but my question is how can i set up a static ip address. can anyone help?
 
Old 03-17-2005, 12:19 PM   #11
soulstace
Member
 
Registered: Mar 2005
Location: USA
Distribution: Knoppix
Posts: 64

Rep: Reputation: 15
Quote:
Originally posted by cd1680
my question is how can i set up a static ip address. can anyone help?
Two ways.

1. Have the DHCP server assign static IP by MAC address. Each computer's NIC will have a different MAC.
2. Disable DHCP client and set IP on each machine manually.

Code:
ifconfig eth0 <address>

Last edited by soulstace; 03-17-2005 at 12:23 PM.
 
Old 03-17-2005, 08:41 PM   #12
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Quote:
Originally posted by cd1680
what do you mean by using linux as a router? all my computers are connected to the same router
You can actually add a few ethernet cards to a linux box and have it do pretty much the same thing as a router you buy. Actually, I believe a number of commercial routers use a Linux variant as their OS.


The reason I was asking is that if you were using this box as a router you would have to forward the bittorent ports using iptables. However, since you have a router, you have to use the router's software to forward the needed ports to your Linux box and then just have the firewall allow the traffic.

In addition to soulstace's advice, you can set up your linux box so that it has a static IP address but other computers can still use DHCP from your router. You don't have to completely disable DHCP at the router. Just be sure the static IP you use is outside the range that your router uses for DHCP. If you don't, then you can get IP collisions (two machines with the same IP address) and that causes all sorts of trouble.

For Fedora, there is probably a GUI that lets you set a static IP on your ethernet card.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
easy to configure firewall jaakkop Linux - Software 3 09-18-2005 02:58 PM
do I need to configure firewall? totti10 Mandriva 5 10-24-2004 02:37 PM
Need to configure firewall aargh Fedora 3 09-17-2004 02:34 PM
How to configure the Firewall? LinuxSeeker Linux - Newbie 1 02-06-2004 11:49 AM
Please help me configure my Firewall teeno Linux - Security 3 07-01-2003 11:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration