Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've just run my newly installed Linux system through a variety of on-line security scans and probes from a number of different organizations, and while some results came back looking quite favourable, others were downright disturbing.
As an extremely new user, who's still plodding through the man pages and how-to's, I lack both the experience and confidence to use IP tables as a means of stealthing my ports. Does anyone here have any experience of using programmes like Firestarter on the SuSe distribution? Are there any problems caused by the SuSe firewall? I'm running SuSe 8.0 Professional on a machine that's being used as a stand alone workstation, and have Gnome fully installed (although I'm getting to grips with KDE first.)
Any assistance you could provide would be great :-)
well anything you would call a "firewall" under linux is probably a front end for iptables, which is in turn a wrapper for the kernels netfilter. when you load firestart it will empty any currently set up rules, so even if you do have some suse firewall gubbins in there somewhere it is unlikely to affect anything, as it should be removed by firestarter. turn it off as much as possibel anyway though
The scans were being run to test a Yast 2 configured firewall. Like you said, it's not bad by any means, although there were a couple of areas I found unsettling. Basically, I'm just looking for a nice friendly GUI to help with refinements and modifications until I've gained enough experience to do it myself.
Many thanks for the replies, all of you. It's much appreciated
Last edited by StrangeGirl; 10-29-2002 at 05:58 AM.
If you want more functionality out of SuSEfirewall2 than is provide by the four simple set screens it may be worth taking a look at :
/etc/sysconfig/SuSEfirewall2
/etc/sysconfig/scripts/SuSEfirewall2-custom
These files allow you to set more advanced options, which YaST2 leaves out (to make things simpler). Obviously you can create your own iptables rules, but SuSE done a lot of work creating a very logical structure, to which you can bolt extra bits on, to meet your requirements.
Thanks once again Nonamenobody! Sorry I couldn't reply to the post earlier - I've had the flu. *looks pale and congested*
Incidentally, on the subject of SuSE and security, according to this report http://www.egovos.org/pdf/dodfoss.pdf the Bastille hardening system is to be added to SuSE, Debian and TurboLinux either late this year, or early next year. The report is mentioned in this http://slashdot.org/articles/02/10/2....shtml?tid=117 Slashdot article. You're probably all aware of it anyway, but I thought I'd pass the info on
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.