  1. #1
    Just Joined!
    Join Date
    Sep 2004
    Posts
    1

    Why use a firewall when ports are closed anyway?


    Hi,

    After spending hours setting up a firewall I started to get puzzled about why I was doing it in the first place.

    If I'm running a Linux gateway that masquerades Windows machines' addresses from my network and all the ports are closed on my gateway, is there any point in running a firewall?

    Does restricting incoming TCP packets to those with the ACK flag set prevent any possible intruders?

  2. #2
    Linux Newbie imdeemvp's Avatar
    Join Date
    Sep 2004
    Location
    California
    Posts
    225
    Don't you want to see who is trying to access your box?

    BTW, here's a great firewall for some popular distros: http://firestarter.sourceforge.net/news.php

  3. #3
    Just Joined!
    Join Date
    Oct 2004
    Posts
    7
    As well as control access you can also:

    - log
    - mangle (i.e. CBQ)

  4. #4
    Just Joined!
    Join Date
    Apr 2004
    Location
    UK
    Posts
    61
    It is highly unlikely that every single port is closed without some serious modification of most default installs.

    If ports are closed, it does alert people to the fact that your system is there, whereas a decent firewall will not respond at all to requests, leaving people to believe that there is not even a system there.

    Portscans can be conducted very quickly where a port is closed and an entire profile of any vulnerabilities your system may be open to is compiled in no time.

    A firewall massively increases the amount of time taken to scan your computer and an adaptive firewall will automatically react to any attempts to look at your system to give you better security.

    Without a firewall in place, you would have no idea that anyone was even looking at your system and, believe me, without a firewall in place, they would be.

    In the case of a multi-user system, without a firewall, users can manage to open ports and blow your whole immunity; a firewall will prevent access to that port even if a user does inadvertently open it.

    If indeed every single external port is closed, then the benefits are just those already stated.
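
Added example, not part of the thread: the replies name logging as a reason to run a firewall even when ports are closed, so this sketch summarizes kernel log lines written by an iptables LOG rule and marks sources that touched many distinct ports. The `FW-DROP: ` log prefix, the threshold of 4 ports, and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: kernel log lines in the iptables LOG target's KEY=value
# layout (some fields trimmed). "FW-DROP: " is an assumed --log-prefix and the
# addresses come from documentation ranges.
SAMPLE_LOG = """\
Oct  3 10:00:01 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 10:00:01 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=52 PROTO=TCP SPT=40113 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 10:00:01 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=52 PROTO=TCP SPT=40114 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 10:00:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=52 PROTO=TCP SPT=40115 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 10:00:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=52 PROTO=TCP SPT=40116 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 10:05:10 gw sshd[811]: Server listening on 0.0.0.0 port 22.
Oct  3 10:07:44 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.1 LEN=60 TTL=48 PROTO=TCP SPT=51000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 10:07:47 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.1 LEN=60 TTL=48 PROTO=TCP SPT=51000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 10:09:00 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.255 LEN=78 TTL=48 PROTO=UDP SPT=137 DPT=137 LEN=58
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # "OUT=" yields an empty value

def parse_line(line, prefix="FW-DROP: "):
    """Return the KEY=value fields of one firewall log line, else None."""
    _, found, rest = line.partition(prefix)
    if not found:
        return None                      # not written by our LOG rule
    fields = dict(FIELD.findall(rest))
    if "SRC" not in fields or "DPT" not in fields:
        return None                      # e.g. ICMP entries carry no ports
    return fields

def summarize(log_text, min_ports=4):
    """Group logged packets by source and mark sources probing many ports."""
    hits = defaultdict(int)
    ports = defaultdict(set)
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue
        src = fields["SRC"]
        hits[src] += 1
        ports[src].add((fields.get("PROTO", "?"), int(fields["DPT"])))
    return {src: {"hits": hits[src],
                  "ports": sorted(ports[src]),
                  "scan_like": len(ports[src]) >= min_ports}
            for src in hits}

if __name__ == "__main__":
    for src, info in summarize(SAMPLE_LOG).items():
        label = "scan-like" if info["scan_like"] else "ok"
        print(f"{src:15} {info['hits']:3} packets  {label}  {info['ports']}")
```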
