Recommendations please - Firewall for desktop Linux station

Using Mandrake 10.1 as a desktop environment, office, browsing, e-mail, ng's, etc.

I'd like to put up a firewall. Recommendations appreciated. Ideally, the firewall would detect programs accessing the ethernet and then put up an "allow/deny" question box. (Lazy? er, yes.).

I did download Bastion, but for some strange reason the de-archiving is taking a very long time... strange behavior... I don't trust it enough to install it.

TIA. Alan

Reply to
Alan Browne-

Try Kmyfirewall

Reply to
Bigbob

Why not just set up a firewall using iptables?

Reply to
Jean-David Beyer

A perfectly legitimate use for ML 10.1.

In order to answer this question, it would help to know what problems you were having with the default firewall (or would it not install properly for some reason?)

So, more information, please.

Reply to
Mark South

Doesn't Mandrake include iptables? That's as good a firewall as any out there.

Reply to
John Thompson

If you want a gui for iptables, try Guarddog.

Dave

Reply to
Dave Stanton

No, that's not the ideal solution. Normally, those "firewalls" aren't needed at all.

Just configure your system so that only the required services are accessible from the outside. After that, no "firewall" needed.

Alexander Skwar

Reply to
Alexander Skwar

Only catch being if you come across a webpage or some other internet service that uses an oddball port. Guarddog is primarily based around opening/closing specific ports, so access to the oddball port you want will be disabled until you add a custom protocol to GD's list. BitTorrent users who use ports other than 6881, for instance.

Reply to
Ian Merrithew
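Putting the two points above together (expose only the services you actually run, but do not get in the way of client software that happens to use an oddball port), here is a small added example of a stateful iptables policy for a single desktop. It is not from the thread and not Mandrake's default ruleset; the interface name `ppp0` and the port list are assumptions. The rules are emitted in iptables-restore format so they load atomically, and `gen_ruleset` can be inspected before anything is applied.

```shell
#!/bin/sh
# Added example (not from the thread or from Mandrake): a minimal stateful
# iptables policy for a single desktop, in iptables-restore format.
# Assumptions: the external interface is ppp0 and the caller decides which
# TCP ports, if any, to expose.

gen_ruleset() {
    wan_if="${1:-ppp0}"      # external interface (assumed; ppp0 as in the logged lines)
    allow_tcp="${2:-}"       # space-separated TCP ports to expose, e.g. "22"; empty exposes nothing
    printf '%s\n' '*filter'
    # Default deny inbound and forwarded traffic. Outbound stays open, so a
    # client on any port (BitTorrent on something other than 6881, say) works
    # without adding a "protocol" for it.
    printf '%s\n' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
    # Loopback, and replies to connections this host opened itself.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Only explicitly listed services accept new connections from outside.
    for p in $allow_tcp; do
        printf '%s\n' "-A INPUT -i $wan_if -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    # Log what is dropped, with a prefix grep can find, but rate-limited:
    # pings get their own tight limit so a flood of them cannot fill the log.
    printf '%s\n' '-A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/min -j LOG --log-prefix "IPT ping: "'
    printf '%s\n' '-A INPUT -p icmp --icmp-type echo-request -j DROP'
    printf '%s\n' '-A INPUT -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "IPT In FIREWALL: "'
    printf '%s\n' 'COMMIT'
}

# How many ports a generated ruleset would expose; worth checking before loading.
exposed_count() {
    gen_ruleset "$1" "$2" | grep -c -- '--dport' || true
}

# To load for real (as root):  gen_ruleset ppp0 "22" | iptables-restore
```

Review the output of `gen_ruleset ppp0 ""` first; with an empty port list nothing new is accepted from the outside, which is the "only the required services" configuration in rule form. `-m state` is the match the 2.4/2.6 kernels of that era shipped with; on a current system `-m conntrack --ctstate` is the equivalent.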

Thanks everyone for your replies. I'll look into the iptables and see what I learn.

Cheers, Alan.

Reply to
Alan Browne-

....not knowing there is a default firewall appears to be one of my problems... I'll look into the iptables ...

Cheers, Alan

Reply to
Alan Browne-

Use bastion-firewall from bgSEC, it's GPL :-)

Reply to
Jose Maria Lopez Hernandez

What kind of talk? Mine talks quite a bit:

Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=64.124.186.66 LEN=72 TOS=0x00 PREC=0x00 TTL=42 ID=0 DF PROTO=UDP SPT=62309 DPT=53 LEN=52
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=212.187.170.2 LEN=72 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=UDP SPT=43340 DPT=53 LEN=52
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=202.222.25.4 LEN=72 TOS=0x00 PREC=0x00 TTL=43 ID=0 DF PROTO=UDP SPT=10847 DPT=53 LEN=52

Iptables can log anything you want. You could even log all incoming and all outgoing messages if you did not have enough to read. I seriously do not recommend that. I used to log all rejected incoming and outgoing messages, but I had to turn off logging of rejected pings since there are so many.

I get rashes of this stuff, all hitting my name server (which is not open to the public). They come in bunches so while the SRC addresses are all different, they are obviously part of a concerted attack. I.e., I will get a couple of dozen of these, then a 10-minute break, then another batch from the same IP addresses. It seems to me that a lot of machines have been infected with some virus that launches these things regularly.

Reply to
Jean-David Beyer
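Reading those log lines by eye is how one notices the bunches of DNS hits described above; a short awk pass over the log makes the pattern visible without the scrolling. The following is an added example, not from the thread: it takes iptables LOG lines in the format quoted above (the first three sample lines are the ones from the post, the rest are constructed with documentation addresses) and reports, per destination port, how many hits arrived and from how many distinct sources. Many sources on one port in a short span is exactly the "concerted" shape the post describes.

```shell
#!/bin/sh
# Added example (not from the thread): summarize iptables LOG lines per
# destination port. Run as:  sample_log | summarize_log
# or on a real system:  grep 'IPT In FIREWALL' /var/log/messages | summarize_log

# Constructed sample input. The first three lines are the ones quoted in the
# thread; the others are made up (198.51.100.x and 203.0.113.x are
# documentation ranges) to show a second port and an ICMP line without a DPT.
sample_log() {
    cat <<'EOF'
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=64.124.186.66 LEN=72 TOS=0x00 PREC=0x00 TTL=42 ID=0 DF PROTO=UDP SPT=62309 DPT=53 LEN=52
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=212.187.170.2 LEN=72 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=UDP SPT=43340 DPT=53 LEN=52
Jan 17 15:04:09: IPT In FIREWALL: IN=ppp0 SRC=202.222.25.4 LEN=72 TOS=0x00 PREC=0x00 TTL=43 ID=0 DF PROTO=UDP SPT=10847 DPT=53 LEN=52
Jan 17 15:05:41: IPT In FIREWALL: IN=ppp0 SRC=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1234 DF PROTO=TCP SPT=4431 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 17 15:05:42: IPT In FIREWALL: IN=ppp0 SRC=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1235 DF PROTO=TCP SPT=4432 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 17 15:06:00: IPT In FIREWALL: IN=ppp0 SRC=203.0.113.9 LEN=84 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
EOF
}

# Output columns: DPT PROTO hits distinct_sources, most-hit port first.
# Lines without a DPT (ICMP) are skipped; the fields are parsed by name, so
# their position in the line does not matter.
summarize_log() {
    awk '
      /IPT In FIREWALL:/ {
        src = ""; dpt = ""; proto = ""
        for (i = 1; i <= NF; i++) {
          split($i, kv, "=")
          if (kv[1] == "SRC") src = kv[2]
          else if (kv[1] == "DPT") dpt = kv[2]
          else if (kv[1] == "PROTO") proto = kv[2]
        }
        if (dpt == "") next
        key = dpt " " proto
        hits[key]++
        if (!((key, src) in seen)) { seen[key, src] = 1; srcs[key]++ }
      }
      END { for (k in hits) printf "%s %d %d\n", k, hits[k], srcs[k] }
    ' | sort -k3,3nr
}
```

On the sample the first line of output is `53 UDP 3 3`: three hits on the name server port from three different sources, which is the bunch the post describes, while the two SSH attempts from one address sort below it. Adding a time bucket to the key (the hour:minute from the first fields) would show the ten-minute gaps between batches as well.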

And it might be very nice, but Mandrake 10.1 sets up iptables by default with generally sensible settings, so I was just wondering what problem Alan was trying to solve with a different firewall. It turned out he was thinking like a Symantec-on-Windows user, expecting the firewall to be very talkative.

Reply to
Mark South

I meant Symantec-like popping-messages-to-the-display kind of behaviour as opposed to silently writing to the logs. But that was an inference on my part anyway.

Reply to
Mark South

Firestarter may be annoying enough if you leave the GUI running: it spits the log out real time on the GUI, and lets you refine your firewall in various ways based on the hits. What is still missing is the regular pop-up asking you what to do with every packet, but there's always the panel applet blinking red and green at you :)

Reply to
Juha Siltala

Essentially correct. I can't see any logged activity ... but that's 'cause I don't know where to look...!(yet). Ain't being new at something refreshing...

Cheers, Alan.

Reply to
Alan Browne-

Stop it, you're making me nostalgic for the old days when I used Windows....

:-)

Reply to
Mark South