morning thoughts on firewall
Dag Rune Sneeggen
contactus at dudcore.net
Thu Dec 23 18:22:23 CST 2004
I've found guarddog to be a brilliant and mature software firewall.
It's an IPTables front end, with excellent user-friendliness.
Manually setting up your firewall is the best way for an experienced user, but newbies still like to
have a point 'n click option. Of which I feel that Guarddog is at a level of its own.
Try it out!
I feel it could be included with the Install CD. Easily!
Cheers and merry christmas!
--
Dag Rune Sneeggen
Romolslia 23B
7029 Trondheim
Norway
dudcore Inc. (http://www.dudcore.net | contactus at dudcore.net)
Lovely hosting for elite and not so elite people!
Free FTP download mirrors for everyone! (http://mirror.dudcore.net)
_______________________________________
/ I tell ya, dudcore Inc. is good to us \
\ cows! /
---------------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
Matt Zimmerman wrote:
> On Tue, Dec 21, 2004 at 10:08:32AM +0100, Marco Bonetti wrote:
>
>
>>Last time I help to install an ubuntu on friends' computers I was
>>asked about the presence of a firewall.
>>I answered as in the faq: "there is a firewall, but it isn't
>>configured because you do not need it", my friend was a bit surprised
>>and he pointed out that os x and windows have a configured firewall.
>
>
> The reason that Ubuntu doesn't install a firewall by default is because
> there is not yet a firewall application that we feel is mature and
> featureful enough for this role.
>
> A firewall application is a high-level, user-visible component of the system
> which manages the configuration of the packet filtering functionality in the
> kernel (netfilter). While the underlying functionality needed for a
> firewall is robust and mature, there is rather a lack of truly supportable
> solutions for configuring it.
>
>
>>Then another 2 problems came up: what to do when the user installs some
>>kind of service or wants to work out a custom policy? Maybe init.d
>>scripts could be modified to open their needed ports when "start" is
>>called and iptables could be linked, so chmodding +x/-x the link will
>>enable/disable this "automagic" stuff.
>
>
> This is the sort of thing which would be handled by a firewall application.
> :-)
>
More information about the ubuntu-devel
mailing list