FIREWALL STUFF

G Mc.Pherson gmcphrsn at yahoo.ca
Thu Feb 22 00:20:30 UTC 2007


Hi Maurice,

jean francois wrote:

> Your last statement "PS Perhaps I don't even need a firewall?" gave me
> the shivers.
> 
> Firewalls are as essential on a computer as an external door on your home.
> A kernel firewall, like in *nix, is better than a software firewall,
> like in Windows; because there are network worms that will affect
> your network card from the get go, this is why you want a firewall that
> loads BEFORE the network card activates; also, it is only a matter of
> time for a worm to boot your computer, using wake-on-lan, and install
> whatever bot they need.

> Maurice Murphy wrote:
>> I first of all tried Firestarter that comes installed with the Edgy
>> package.  Unfortunately it seems to have some sort of a bug.  It also
>> gums up my home network.  So I removed Firestarter using Synaptic and
>> loaded Gnome-Lokkit.  My question is, how do I set this up?  I see no
>> menu item.  When I try running it via alt-F2 (sudo gnome-lokkit) run, I
>> sometimes get what looks like a gnome-lokkit screen.  If I click the
>> Next button, the screen disappears and nothing else happens. 
>> Suggestions anyone please?  Many thanks, Maurice
>>
>> PS Perhaps I don't even need a firewall?

I absolutely concur with everything Jean said. I myself have not just 
one firewall but three. I use a dedicated PC running IPCOPS 
(www.ipcops.com), then a commercial router (linksys) and finally 
firestarter on my actual desktop machine. Call me paranoid, but with 
each of those firewalls being based on different software/hardware I can 
be pretty sure that if some random hacker finds a vulnerability in the 
first one, then the second or third one will help slow or stop them.

The trick with Firestarter is that you need to set it to restrictive 
and only allow traffic that you know you'll need for outbound traffic. 
For example, allow smtp(25) and pop3(110) traffic for email reception 
and transmission, http/https(80/443) for web surfing. If you look at 
/etc/services, you will find a complete list of port numbers a 
particular service needs.

The inbound traffic window should remain empty unless you are running a 
service for other machines, again as an example, http(80) if you were 
running a webserver.

I've added a snapshot of what my outbound firestarter window looks like 
with the services/ports I allow. My inbound window is empty as I'm not 
running any service for other machines.

Hope this helps some...

Regards
Gord
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firestarter.jpeg
Type: image/jpeg
Size: 38064 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-ca/attachments/20070221/f9f95619/attachment.jpeg>
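The restrictive outbound policy Gord describes (default deny, allow only the outbound services you know you need, keep the inbound list empty unless you host something) is what Firestarter's GUI ultimately turns into iptables rules. The script below is an added example, not Firestarter's code and not part of the original post: it resolves service names against a constructed excerpt in /etc/services format (SERVICES_TEXT, a stand-in for the real file) and emits the equivalent iptables command lines instead of applying them. The allowed-service list DESKTOP_OUTBOUND and the helper names are my own; outbound DNS (domain/udp) is included because without it the other allowed services cannot resolve hostnames, which is a detail the message does not mention.

```python
#!/usr/bin/env python3
"""Build a restrictive host firewall policy in the spirit of the message above.

Added example: not Firestarter's own code. It resolves service names against
a constructed /etc/services-style text and returns iptables command lines;
it does not touch the kernel.
"""
import re
from typing import Dict, Iterable, List, Tuple

# Constructed excerpt in /etc/services format: name  port/proto  [aliases] [# comment]
SERVICES_TEXT = """\
# Network services, Internet style (constructed sample)
ssh     22/tcp
smtp    25/tcp        mail
domain  53/tcp
domain  53/udp
http    80/tcp        www
pop3    110/tcp       pop-3
https   443/tcp
"""

Key = Tuple[str, str]  # (service name or alias, protocol)


def parse_services(text: str) -> Dict[Key, int]:
    """Map every (name or alias, proto) pair to its port, ignoring comments."""
    table: Dict[Key, int] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        m = re.fullmatch(r"(\d+)/(tcp|udp)", fields[1])
        if not m:
            continue
        port, proto = int(m.group(1)), m.group(2)
        for name in [fields[0]] + fields[2:]:   # primary name plus aliases
            table[(name, proto)] = port
    return table


def resolve(table: Dict[Key, int], name: str, proto: str = "tcp") -> int:
    """Look up a service; an unknown name is an error, not a silent 'allow all'."""
    try:
        return table[(name, proto)]
    except KeyError:
        raise ValueError(f"unknown service {name}/{proto}; check /etc/services")


def build_policy(table: Dict[Key, int],
                 outbound: Iterable[Key],
                 inbound: Iterable[Key] = ()) -> List[str]:
    """Default-deny on all chains; allow only the listed new connections."""
    rules = [
        "iptables -P INPUT DROP",
        "iptables -P FORWARD DROP",
        "iptables -P OUTPUT DROP",
        # Loopback must stay open or local daemons (e.g. DNS caches) break.
        "iptables -A INPUT -i lo -j ACCEPT",
        "iptables -A OUTPUT -o lo -j ACCEPT",
        # Replies to connections we opened come back without an explicit rule.
        "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
        "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
    ]
    for name, proto in outbound:
        port = resolve(table, name, proto)
        rules.append(f"iptables -A OUTPUT -p {proto} --dport {port} "
                     f"-m conntrack --ctstate NEW -j ACCEPT  # {name}")
    for name, proto in inbound:   # stays empty unless this host serves others
        port = resolve(table, name, proto)
        rules.append(f"iptables -A INPUT -p {proto} --dport {port} "
                     f"-m conntrack --ctstate NEW -j ACCEPT  # {name}")
    return rules


# Desktop profile from the message: mail in/out and web browsing, plus DNS
# (assumed here; the message does not list it but nothing resolves without it).
DESKTOP_OUTBOUND: List[Key] = [
    ("smtp", "tcp"), ("pop3", "tcp"), ("http", "tcp"), ("https", "tcp"),
    ("domain", "udp"),
]

if __name__ == "__main__":
    services = parse_services(SERVICES_TEXT)
    for rule in build_policy(services, DESKTOP_OUTBOUND):
        print(rule)
```

Running it prints the rule list for review; on a real host the lines would be applied with root privileges and the real /etc/services would replace SERVICES_TEXT. Because resolve() raises on an unknown name, a typo in the allow list fails loudly rather than quietly producing a policy that is either broken or wider than intended.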

