Hi

I've just run my newly installed Linux system through a variety of on-line security scans and probes from a number of different organizations, and while some results came back looking quite favourable, others were downright disturbing.

As an extremely new user, who's still plodding through the man pages and how-to's, I lack both the experience and confidence to use IP tables as a means of stealthing my ports. Does anyone here have any experience of using programmes like Firestarter on the SuSe distribution? Are there any problems caused by the SuSe firewall? I'm running SuSe 8.0 Professional on a machine that's being used as a stand alone workstation, and have Gnome fully installed (although I'm getting to grips with KDE first.)

Any assistance you could provide would be great :-)

well anything you would call a "firewall" under linux is probably a front end for iptables, which is in turn a wrapper for the kernels netfilter. when you load firestart it will empty any currently set up rules, so even if you do have some suse firewall gubbins in there somewhere it is unlikely to affect anything, as it should be removed by firestarter. turn it off as much as possibel anyway though

I have found the that setting up a firewall using YaST2 is pretty good.

my wife uses suse 8 and like nonamenobody said you might want to check out the firewall in yast2

The scans were being run to test a Yast 2 configured firewall. Like you said, it's not bad by any means, although there were a couple of areas I found unsettling. Basically, I'm just looking for a nice friendly GUI to help with refinements and modifications until I've gained enough experience to do it myself.

Many thanks for the replies, all of you. It's much appreciated

If you want more functionality out of SuSEfirewall2 than is provide by the four simple set screens it may be worth taking a look at :
/etc/sysconfig/SuSEfirewall2
/etc/sysconfig/scripts/SuSEfirewall2-custom

These files allow you to set more advanced options, which YaST2 leaves out (to make things simpler). Obviously you can create your own iptables rules, but SuSE done a lot of work creating a very logical structure, to which you can bolt extra bits on, to meet your requirements.

Thanks once again Nonamenobody! Sorry I couldn't reply to the post earlier - I've had the flu. *looks pale and congested*

Incidentally, on the subject of SuSE and security, according to this report http://www.egovos.org/pdf/dodfoss.pdf the Bastille hardening system is to be added to SuSE, Debian and TurboLinux either late this year, or early next year. The report is mentioned in this http://slashdot.org/articles/02/10/2....shtml?tid=117 Slashdot article. You're probably all aware of it anyway, but I thought I'd pass the info on

I'm running SuSe 7.3.
I initially set up the suse fire wall with yast and am using guarddog now.

If you test your security at www.grc.com you'll find that guarddog seems to work better than the basic setup suse gives you.

With the suse firewall my ports all show up as closed but with guarddog they're stealthed.

Just M.H.O.