Good Linux Firewalls

**afroguy013** · 07-31-2005

Ok, I'm heading off to school in a few weeks, and I was wondering if there are any good firewalls for linux out there. See, I don't always have a connection here at home (house is not networked) so I haven't really worried too much about it. That and I keep good passwords. But since I'm going to always have a connection at school, I'm a bit more concerned about security.

I just want one that's got a good reputation, is easy to install and setup, and is easy to maintain. I know pretty much jack squat when it comes to networking, so the simplicity is pretty key here...

Distro: Mandrake 10.1

Thanks in advance.

-Bill

**aysiu** · 07-31-2005

Guarddog?

**sarumont** · 08-03-2005

There is one firewall in Linux. It's IPTables. It's a kernel-level firewall. There are many configuration tools for it, however.

See http://netfilter.org/ for information about IPTables and http://gentoo-portage.com/net-firewall for a good listing of utilities for configuring IPTables.

**Fallen Angel** · 08-03-2005

I would also recommend IPTables. You can configure every detail. But if you want more easy approach then try Guarddog.

**adam7979** · 08-04-2005

http://www.fs-security.com/ - firestarter is another great choice

**drakebasher** · 08-04-2005

iptables comes with most distros, can be configured to do anything you want and there are dozens of tutorials on the internet. Only problem is, you've got to read every one of them or take a course in computer science and then hope it makes sense. Firestarter may work for you.

**ordoni** · 08-05-2005

i am currently using firestarter......

i recommend ethereal

by the way, test your firewall at www.grc.com or at sygate.com

**dwflo** · 08-09-2005

This thread has been very helpfull to me. Able to download and print some documents plus test my security.
I went to http://scan.sygatetech.com/probe.html and https://www.grc.com/x/ne.dll?bh0bkyd2
Both scans gave me relief as I passed all but one scan, and that was my machine name.

Here is a summery of the probe from Shields Up

Dave

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2005-08-09 at 02:11:49

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2005-08-09 at 02:14:42

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

**ordoni** · 08-09-2005

cool.............you passed the grc test.........you can relax while surfing the net

**alain_** · 08-09-2005

Originally Posted by ordoni

you can relax while surfing the net

But you never can be sure

You can pass a firewall,
it's much safer to turn off all unneeded services.
If a service is not running, it can't get cracked.

In the past when i had no server running, i never used a firewall.
There where no ports open, so no need to firewall the box.

Thread Tools

Display

Good Linux Firewalls

Posting Permissions