morning thoughts on firewall

Dag Rune Sneeggen contactus at dudcore.net
Thu Dec 23 18:22:23 CST 2004 

I've found guarddog to be a brilliant and mature software firewall.
It's an IPTables front end, with excellent user-friendliness.
Manually setting up your firewall is the best way for an experienced user, but newbies still like to 
have a point 'n click option. Of which I feel that Guarddog is at a level of its own.
Try it out!

I feel it could be included with the Install CD. Easily!

Cheers and merry christmas!
--
Dag Rune Sneeggen
Romolslia 23B
7029 Trondheim
Norway

dudcore Inc. (http://www.dudcore.net | contactus at dudcore.net)
Lovely hosting for elite and not so elite people!
Free FTP download mirrors for everyone! (http://mirror.dudcore.net)

  _______________________________________
/ I tell ya, dudcore Inc. is good to us \
\ cows!                                 /
  ---------------------------------------
         \   ^__^
          \  (oo)\_______
             (__)\       )\/\
                 ||----w |
                 ||     ||


Matt Zimmerman wrote:
> On Tue, Dec 21, 2004 at 10:08:32AM +0100, Marco Bonetti wrote:
> 
> 
>>Last time I help to install an ubuntu on friends' computers I was
>>asked about the presence of a firewall.
>>I answered as in the faq: "there is a firewall, but it isn't
>>configured because you do not need it", my friend was a bit surprised
>>and he pointed out that os x and windows have a configured firewall.
> 
> 
> The reason that Ubuntu doesn't install a firewall by default is because
> there is not yet a firewall application that we feel is mature and
> featureful enough for this role.
> 
> A firewall application is a high-level, user-visible component of the system
> which manages the configuration of the packet filtering functionality in the
> kernel (netfilter).  While the underlying functionality needed for a
> firewall is robust and mature, there is rather a lack of truly supportable
> solutions for configuring it.
> 
> 
>>Then another 2 problems came up: what to do when the user installs some
>>kind of service or wants to work out a custom policy?  Maybe init.d
>>scripts could be modified to open their needed ports when "start" is
>>called and iptables could be linked, so chmodding +x/-x the link will
>>enable/disable this "automagic" stuff.
> 
> 
> This is the sort of thing which would be handled by a firewall application.
> :-)
>

More information about the ubuntu-devel mailing list