ubuntu at kitterman.com
Mon Aug 30 03:57:07 UTC 2010
On Sunday, August 29, 2010 05:10:38 pm Jim Kielman wrote:
> There is a tool for setting firewall rules installed by default called
> ufw, for those that need a graphical tool to set firewall rules, it's
> just as easy to install gufw, as it is to install firestarter.
> The biggest problem is one of education, most users assume that
> firestarter is the the firewall, when in fact it is iptables/netfilter.
> I'm still learning how to use mailing lists, I created a message last
> night that only got sent to the the person I replied to, so here goes
> I'm one of the moderators on the forum, and we are constantly trying to
> educate the membership of the dangers of running applications as root.
> Firestarter needs to be run as root.
> This wouldn't be a problem if users ran the program the way it is
> supposed to be run, start it, set the firewall rules, then shut it down.
> Many users start it up when they log in, and leave it run all day,as it
> monitors the firewall and shows blocked connection. Many also assume
> that if firestarter is shutdown they no longer are protected by a firewall.
> With the included tool for setting the firewall all you have to do is
> enable the default rule set and it's done. The default rule set blocks
> almost everything, and in Windows terms makes the users system seemed
> to be stealthed. All you need is one simple command:
> sudo ufw enable
> And your done. If the defult rules aren't good enough, you can use gufw
> for adding additional rules.
All good arguments for why firestarter isn't something to ship in the default
install, but not a reason to remove it from the archive.
More information about the Ubuntu-devel-discuss