linux firewall

Discussion in 'other firewalls' started by steve161, May 27, 2007.

Thread Status:
Not open for further replies.
  1. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Hi members:

    Is a firewall enabled by default in linux and, more specifically, ubuntu? Also, any opinions of the default settings for firestarter would be appreciated. I have been noticing a bit of a slowdown of my connection. I assumed it was a Verizon DSL problem, but they claim it is not (shocking, huh). So I am experimenting with lowering my modem's FW security level, and configuring the iptables.
     
  2. JeffBuck

    JeffBuck Registered Member

    Joined:
    Mar 13, 2007
    Posts:
    32
    YES, iptables is the linux firewall and it's included in the kernel.
    You can set it by command line, or, you can use a GUI, if you prefer.

    OK!

    Firestarter


    Preferences

    INTERFACE (as you want)

    - Events -> Skip redundant entries

    - Policy -> Apply policy changes immediately


    FIREWALL (-> start firewall on program startup)

    - Network settings > it depends on your kind of connection

    - ICMP filter (enable, marked: Echo reply, Timestamping, Traceroute, Unreachable)

    - ToS Filtering -> not enabled

    - Advanced Option -> Drop silently + Block broadcasts from external network

    About POLICY it depends on the software you use ... add in Inbound Traffic policy:
    Allow Service (name of p2p) from Port (e.g. 4662 for eMule) when the source is Anyone
    ...
     
  3. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Thank you Jeff; the learning process continues o_O
     
  4. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    New to linux Ubuntu (7.10). Installed firestarter from synaptic although
    not really needed as I am not running a server, no sharing, and behind a router.
    I thought it might be useful for outbound protection.
    Firestarter, when installed from a package, runs as a system service.
    However I can't see it listed under System>Services - is it hidden ?
    I know that it works because right after booting up and logging in
    iptables -nL shows that it is 'engaged' so to speak.
    So how does one confirm that it is running as a system service ?

    Only other mystery is that the firestarter tray icon tends to disappear despite
    the setting 'minimise to tray' enabled.

    Regards.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,

    Type the following:

    chkconfig --list

    Do you see Firestarter anywhere on the list?

    And if you type ps aux, what do you get?

    Cheers,
    Mrk
     
  6. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Apparently that is a Red Hat command unavailable in Ubuntu.
    Instead I installed sysvconfig (available in synaptic). Then
    entered > sudo service firestarter status <
    Result: > *Firestarter is running <

    Thanks for pointing me in the right direction.
     
  7. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,
    Always glad to help.
    Although you can always check the status of a service using that command. It's: service name switch - where switch can be stop, start, restart, reload, status etc...
    Cheers,
    Mrk
     
  8. tlu

    tlu Guest

    I'm not sure about other distributions, but as far as Ubuntu is concerned: No, iptables is installed but there are no default restrictive rules. The reason is that, by design, Ubuntu has no open ports since there are no unnecessary services running. Thus, a firewall is usually not needed.

    You can check this by executing

    You will see two exceptions:

    The first is dhclient which may look like this:

    dhclient rejects all packets that do not come from a DHCP server of a local network. This means that this port is open but cannot be used for any attacks.

    The same is true for the second exception avahi which may look like this:

    Avahi is a technique used to connect computers in a local network, e.g. with a network cable, without the need to configure them. If you don't need it you can disable it by editing /etc/default/avahi-daemon and setting AVAHI_DAEMON_START=0.

    Both services accept only data from the local network and do not pose a security risk.
     
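A way to check the claim above on your own machine: classify listening sockets, ignore loopback-only ones, mark the two exceptions the post describes (dhclient on udp/68, avahi on udp/5353) as expected, and report anything else bound to a non-loopback address. Added example, not from the post; it assumes output in `ss -tuln` column layout, and the sample below is constructed.

```shell
#!/bin/sh
# Added example: triage `ss -tuln` style output for ports reachable from the network.
# Constructed sample: dhclient and avahi as described in the post, CUPS bound to
# loopback only, and an sshd listener that should be reviewed.
SAMPLE='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:68          0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:5353        0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:631       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*'

# Reads ss output on stdin; prints one line per non-loopback listener.
classify_sockets() {
    awk 'NR > 1 {
        n = split($5, a, ":"); port = a[n]        # last field after ":" is the port
        addr = $5; sub(/:[0-9*]+$/, "", addr)     # everything before it is the address
        if (addr == "127.0.0.1" || addr == "[::1]") next
        key = $1 "/" port
        if (key == "udp/68")   { print "expected " key " (dhclient, talks only to its DHCP server)"; next }
        if (key == "udp/5353") { print "expected " key " (avahi, local-network discovery)"; next }
        print "review   " key " bound to " addr
    }'
}

# Number of listeners that still need a look (0 on a default Ubuntu desktop).
count_to_review() { classify_sockets | grep -c '^review'; }

# Live use: ss -tuln | classify_sockets
echo "$SAMPLE" | classify_sockets
```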
  9. tlu

    tlu Guest

    If you search here in the forum you'll find several lengthy threads regarding the need for outbound control - but they are all related to Windows. Under Linux, if you only use software from the official repositories (and why should you need anything else since you find lots of applications in the repositories for everything and anything?) you won't have any adware or spyware problem. Thus, outbound control under Linux is unnecessary as long as you don't install software from other, untrustworthy sites. Period.
     
  10. tlu

    tlu Guest

    Ocky, it's actually not needed that Firestarter is running, as it is only a frontend for iptables. The iptables rules - once defined - are enforced regardless of whether Firestarter is running or not.
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hullo,
    Second that.
    Mrk
     