Find the answer to your Linux question:
Page 1 of 3 1 2 3 LastLast
Results 1 to 10 of 29
I asked myself the same question. I tested my security setup with ShieldsUp at www.grc.com (click on shieldsup logo) this website will verify all ports of any computer connected to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    Jan 2005
    Posts
    146

    Is a firewall really needed?


    I asked myself the same question. I tested my security setup with ShieldsUp at www.grc.com (click on shieldsup logo) this website will verify all ports of any computer connected to the net and show a PASS or FAIL with results.

    I was surprised to know that my WIn98SE running ZONElabs firewall, stealths all my ports and makes my computer invisible to the net ab nd is airtight. Whereas Linux Ubuntu without firewall shows ports closed but actively responds to outside port requests and so on...

    What does that mean? I don't know if Linux is airtight or not without a FW. Can spyware exist or download on Linux if it responds so eagerly to port probes?????

  2. #2
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790

    Re: Is a firewall really needed?

    Quote Originally Posted by Dalani
    IWhat does that mean? I don't know if Linux is airtight or not without a FW. Can spyware exist or download on Linux if it responds so eagerly to port probes?????
    I wouldn't even claim Windows is air tight with a firewall.... a firewall doesn't guarantee you security, it just improves seurity.

    iirc, there's (as yet) no spyware for linux, and few virii, because of the limitations as to what virii can do to the system i think... it can only wipe what the logged on user has permission to wipe.
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  3. #3
    Linux Engineer
    Join Date
    Apr 2005
    Location
    Belgium
    Posts
    1,429
    rootkits are IMHO a far more bigger threat on Linux. Use the chkrootkit tool to find them on your system.
    ** Registered Linux User # 393717 and proud of it ** Check out www.zenwalk.org
    ** Zenwalk 2.8 - Xfce 4.4 beta 2- 2.6.17.6 kernel = Slack on steroids! **

  4. #4
    Linux Engineer
    Join Date
    Apr 2005
    Location
    Buenos Aires, Argentina
    Posts
    908
    It's better to have it than not to
    serzsite.com.ar
    "All the drugs in this world won\'t save you from yourself"

  5. #5
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790
    Quote Originally Posted by serz
    It's better to have it than not to
    Well, surely that's the case with ANY security... hehe
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  6. #6
    Linux Newbie
    Join Date
    Jan 2005
    Posts
    146
    I installed Firestarter.Works great.

    I tested it at www.grc.com
    SHIELDS UP testing showed ALL my ports invisible to net probes and responds to no PING request.

    Without a firewall my Linux box had four ports open! and the rest closed but visible to snoops..

  7. #7
    Linux User Krendoshazin's Avatar
    Join Date
    Feb 2005
    Location
    London, England
    Posts
    471
    Quote Originally Posted by sdousley
    I wouldn't even claim Windows is air tight with a firewall.... a firewall doesn't guarantee you security, it just improves seurity.
    You're right about that, many people believe that just by having a firewall they are safe, which is not the case as a firewall is merely the first line of defense.

    A good set of firewall rules will protect you from most things, just don't take them for granted and always secure your system as much as possible.

    Also in regards to the primary question, no, the difference between ports being stealthed and being seen as closed is simply the fact a stealthed port doesn't respond no matter what state it is in. Being able to see all your ports closed isn't much of a concern until you take into account the fact that they can see when they are open also, this is why it is important to filter traffic using a good set of firewall rules.
    When you have things set up as optimal as possible, their scanners shouldn't be able to tell that you're even online, keeping in mind that responding to established connections is the best way to go.

  8. #8
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    I haven't run a firewall for the last two or three years, although I used to switch back and forth between firestarter and guard dog. Doing okay without one so far, but we'll see how it goes.
    oz

  9. #9
    Just Joined!
    Join Date
    Jul 2006
    Posts
    1

    Is a firewall really needed on server?

    I don't really understand need for a firewall on a server machine. Let's imagine usual situation of server with some standard services on standard ports (www, ftp etc). Aren't these listening services potentially much more vulnerable?

    Of course I realise protection against syn-flood attack or blocking open ports of services I don't want to "share" (e.g. X server). But is it really necessary to block traffic to closed port?

  10. #10
    Just Joined!
    Join Date
    Jun 2006
    Posts
    3
    You need a firewall to block access to all ports other than the ones the server is serving content to, eg (www, ftp, whatever)

Page 1 of 3 1 2 3 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •