What is wrong with firestarter?

[Brian McKee]

On Tue, Aug 26, 2008 at 9:05 AM, Knapp <magick.crow at gmail.com> wrote:
> I read something here about Firestarter not being so good to use. What
> is the problem with it? I use it and like it so far but don't want to
> get hacked because of using it over something better.

I recently wrote here that I didn't like firestarter because it didn't
always do what *I* expected it to do.   I'll freely admit it might be
*me* that's the issue, not firestarter.  I haven't used it in a while
so maybe it's even improved.  I do recall having issues with it not
starting even though the documentation said only the GUI wasn't
starting - but that was roughly around the release of Dapper.

At the risk of giving an essay response where one line was requested -
I think there are two points you should keep in mind.

One - You don't need to get to excited about firewalls on a regular
Ubuntu desktop unless you like experimenting with stuff that isn't
installed by default.  A firewall stops access to a port - but unless
there's something running on that port it's a moot point.  That's why
Ubuntu ships without a running firewall after all.  They only come in
handy to cover up your mistakes so to speak - if you leave a port open
by accident (maybe you didn't even know that program you installed
opened one!) it'll keep it private.  It's not a cure-all.

Two - Never ever trust a firewall without verification!   Like
backups, if you don't test your firewall, you might as well not have
one  (because you quite possibly DON'T have one!).
Learn how to use tools like nmap <http://nmap.org> or `man nmap` and
Shields Up <https://www.grc.com/x/ne.dll?bh0bkyd2> and interpret what
they mean.  Then you can use any of the firewall tools with
confidence, because you KNOW they work.

Brian