I am looking for firewalls to secure my computer the way I am used to in windows.
In windows I know everything that happens because my firewall alerts me whenever something like to go on the internet. With iptables, as far as I can see, some ports are left open (eg 80) so any malicious program can be programmed to use that port without my knowledge. Of course, this analysis may be wrong and I'd be glad if someone pointed that out.

So in search for an application based firewall (searched on freshmeat) I found tuxguardian. Maybe some of you have experience with it and know whether it is a safe solution.

Or maybe something else would be recommended.

Anyway, comments are highly appreciated.

IPtabes does report usually in the /var/log/syslog. You can redirect it somewhere else if you want, most Linux Firewall software use IPtables, and provide a GUI for it, guarddog and shorewall come to mind.

Hi,

I know my opinion might be just a little suspect, since I'm the developer of TuxGuardian :-) but you can give it a try.

It is actually still being developed, but as far as I tested it is secure and I'm using it since february without any crashes/problems. I implemented it using the new kernel security mechanisms (such as LSM) and so I block socket syscalls before anything bad can happen.

I wish I could give you some pointers to other Linux programs that perform the same task (that is, programs like zonealarm, kerio, etc), but I sincerely don't know any. In fact, the absence of such programs was the main reason that made me start the project.

Of course, as anyone in the security business know, NO software is completely safe. But I'll be glad to receive some bug reports :-) If you need any help, you can find my email in the webpage of the project.


The best,

Bruno

Tnx for the replies, and brunocs for registering. I think I'm going for a setup with 2 firewalls, tuxguardian and an iptables one. I am a little paranoid.