Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
04-14-2006, 09:19 AM
|
#1
|
Member
Registered: Sep 2003
Location: MidWest
Distribution: Debian GNU/Linux 8 (jessie)
Posts: 199
Rep:
|
Need firewall functionality on PC
This is a n00b question, I know, but I'm kinda in a crunch and haven't had to deal with this before. I have a box that I built for a friend, PIII with Ubuntu. I don't know if they're going to continue with dial-up or switch to broadband - but I need to put something on this box that will give them SOME protection vs. open internet ports. I am basically looking for something that would do the same job as Windows Firewall on a Windows box.
I don't know, maybe it's as simple as closing ALL of the ports on the box and only leaving the ones open for HTTP and SMTP/POP, since that's all they want the box for, anyway. And I should know those ports and how to close them. But I'm kinda under the gun here and don't have a lot of time to do the research - IF I CAN GET THIS DONE. Of course, if I can't get an answer, I'll have to put them off for a few more days until I have the time do get the reading done. Gotta love two small kids tag-teaming Daddy while he's trying to work.
Anyway, if I can get some help, I'll be grateful. And if this post gets trashed or flamed, I'll understand.
*** EDIT ***
One thing I forgot to mention, all this friend is going to have is the one box connected directly to the internet. There is no second box or router to act as a firewall.
*** END EDIT ***
Last edited by gvaught; 04-14-2006 at 09:38 AM.
|
|
|
04-14-2006, 09:47 AM
|
#2
|
Member
Registered: Jun 2005
Distribution: Gentoo
Posts: 552
Rep:
|
Well I would recommend using IPTables on that Ubuntu box. Most likely the support is enabled by default in the kernel. I know you don't have time to read but there are many prebuilt scripts on the internet that you could use. If you are looking for something simple I would just recommend dropping all incoming connections that are NEW and allow only ESTABLISHED,RELATED connections back in. If you need the actual rules, let me know. But like I said google will contain most of your answers 
|
|
|
04-14-2006, 09:48 AM
|
#3
|
Senior Member
Registered: Oct 2004
Location: Luxemburg
Distribution: Slackware, OS X
Posts: 1,507
Rep:
|
Install a software like Guarddog which will help you to easily configure the firewall which is included in the Linux kernel.
|
|
|
04-14-2006, 09:49 AM
|
#4
|
Moderator
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047
Rep:
|
|
|
|
04-14-2006, 09:52 AM
|
#5
|
Member
Registered: Sep 2003
Location: MidWest
Distribution: Debian GNU/Linux 8 (jessie)
Posts: 199
Original Poster
Rep:
|
Many thanks to Centinul and uselpa - both had good suggestions, IMO.
I believe I'll go with the IPTables option though.
And, just to clarify, I DO have time to read up on how to implement AN option, just not the time to sit and read through MANY options to determine what is available, which is best, which is easiest, etc.
So, I'll be doing a bit of reading on IPTables this afternoon and hopefully get the computer to these folks before Easter...
|
|
|
04-14-2006, 09:53 AM
|
#6
|
Senior Member
Registered: Oct 2004
Location: Luxemburg
Distribution: Slackware, OS X
Posts: 1,507
Rep:
|
Guarddog does IPtables, just in a very simple way.
|
|
|
04-14-2006, 10:02 AM
|
#7
|
Member
Registered: Jun 2005
Distribution: Gentoo
Posts: 552
Rep:
|
Here is the Holy Grail of IPTables tutorials. Good Luck and post back with questions.
|
|
|
All times are GMT -5. The time now is 10:44 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|