fire wall ap
crp at cmc.net
Thu Feb 5 14:23:17 UTC 2009
David Curtis wrote:
> On Thu, 29 Jan 2009 12:53:13 -0500
> Bill <pegasus at sc.rr.com> wrote:
>> David Curtis wrote:
>>> On Wed, 28 Jan 2009 17:28:43 -0500
>>> "Bill" <pegasus at sc.rr.com> wrote:
>>>> I am new to Ubuntu, is it advisable to use (firestarter firewall). I am
>>>> aware that Linux does provide much greater security than windows.
>>> For a decent answer to this you would have to describe how you connect to the Internet and what services you wish to run, ie. SMB (windows style file sharing), NFS (unix style file sharing), remote login etc. Is this a standalone computer or do you have a small office/home network?
>> This is a home wireless network thru a Linksys Router
> Okay. What I'm really asking is; What's the last stage between you and your ISP? Are you NATed (Natural Address Translation)? Are you directly facing the Internet?
> A simple ifconfig in a terminal will tell you whether you have an internal/test space IP address (10.x.x.x,172.16.0.0-172.31.255.255,192.168.x.x) or if you're getting served a real world IP.
> Meaning, if your IP is an internal one your probably behind a device (modem/router) that's disguising you to the Internet, in that case don't worry about a firewalled interface unless you are severely paranoid. The device most likely wont port forward to privileged ports.
> If you have a real world IP for eth0 or a ppp0 entry in ifconfig then if you run a service like file sharing you're showing that service to the world, in this case you do want some decent firewall rules to govern that interface.
> I have a hunch that you don't have to use pppoe to get an internet connection and you are NATed and fairly secure. If I were you, I'd worry more about people connecting to/sniffing your wireless network, use the strongest encryption your wireless router can do.
> In the end, as Brian McKee said, if your not running TCP/IP services then there's no need to firewall. I almost said, no need to worry, But there's always things to be mildly concerned with. :-)
There is just one note I wanted to add to this discussion. If you are on
a standalone system that is not exposing any services to the outside
world, you can obviate the need for a firewall by properly configuring
your /etc/hosts.deny file. All you have to do to block all access from
the outside world is add the single line ALL:ALL to the hosts.deny file,
and no one will be allowed to connect to your machine from the outside.
Should you decide to allow certain connections, you can always white
list them in your hosts.allow file as well.
Adn for the other usual function of a firewall, the /ect/hosts file
allows you to block your web browser, email client, and other internet
programs from connecting to certain internet addresses by adding lines
to the hosts file. Make sure you leave the first two lines intact, they
will look like the following ones -
127.0.0.1 localhost username-desktop
Modify them to use your username instead of the word username. Then, to
block your machine from connecting to any external site add a line like
the following -
This will redirect any attempts to connect to domain.com to your
localhost, which results in nothing loading. There are quite a few sites
on the net that offer pre-populated hosts files which block malware
sites, ad servers, and porn sites, and update them on a regular basis.
You can also use the hosts file to redirect yourself to another domain
when you try to load certain domains. I can't think of an example of why
someone would want to do this, but you can do the following -
In this case, any attempt to load yahoo.com, would result in your being
redirected to google.com. Have a look at man hosts, man hosts.deny, and
man hosts.allow in terminal to get the rest of the details.
Later, Ray Parrish
Human reviewed index of links about the computer
Poetry from the mind of a Schizophrenic
More information about the ubuntu-users