January 22, 2013

What is a good firewall?

I finally got ubuntu 12.04 installed after 4 months of headaches and need (or think I need) a firewall,any suggestions? Thanks, who knew

Answer to the question

A good firewall is not a simple thing to engineer. It needs to outsmart every new hacker trick without bothering you or slowing you down. The ClearOS Linux firewall app allows administrators to simply open ports (or port ranges) for services running locally on the server. If a service requires connections from outside your network to be made (i.e. running a web or mail service on a system configured for gateway and server), a corresponding port or port range will need to be added through this app.

 

Like  (0 likes)

I would suggest , iptables would be the best if u know how to configure it...

I would suggest , iptables would be the best if u know how to configure it

1)iptables from http://www.netfilter.org/

Below firewalls use of NETFILTER/IPTABLES

2)ipcop from http://www.ipcop.org/

3)ufw from https://launchpad.net/ufw

4)shorewall from http://shorewall.net/

Like  (0 likes)

You can use this script shell for basic protection. Traffic from external...

You can use this script shell for basic protection. Traffic from external networks is denied, but you can establish a new connection to any destination.

#!/bin/bash

# Clearing old rules

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT

# Security policy

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Rules for loopback

iptables -A INPUT -i lo -j ACCEPT
iptables -A FORWARD -o lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Rules for incoming traffic, allow only traffic from established connection

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Rules for outgoing traffic, allow to establish new traffic and allow traffic from established connection

iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Like  (0 likes)

Thanks to everyone for the replies. I got the firewall installed and now need...

Thanks to everyone for the replies. I got the firewall installed and now need to get it configured(lot more reading)but having fun learning. Till later Be happy and Have fun, who knew

Like  (0 likes)

You probably already have one installed- just needs to be configured....

You probably already have one installed- just needs to be configured.
I don't use Ubuntu but from a quick search it appears that Ubuntu uses iptables (actual firewall and a pita to configure) + ufw -front end for iptables to simplify config.
Check to see if these are installed else I'm sure they're in your repositories.

Also would like to commend you for your persistence. I know- with the hundreds of distros out there- I wouldn't have wasted 4 months trying to get one to work. I would have tried to find one that liked my hardware better or wasn't broken out of the box.
Check out distrowatch.com

hth
harv

Like  (0 likes)

Yes, all modern Linux distros will have a firewall. However, just like any OS...

Yes, all modern Linux distros will have a firewall. However, just like any OS, the pre-instaled firewall will be pretty weak. If you want true security, you are going to want to install third party antivirus. And even then, your Linux box will not be bulletproof. So yes, it will have a firewall, but I wouldn't use that as my only line of defense.

Like  (0 likes)

for Linux (Desktops) a firewall is not mandatory. vulnerabilities are...

for Linux (Desktops) a firewall is not mandatory. vulnerabilities are actively fixed in the programs rather than relying on a firewall to plug all known holes (like windows)

The default Linux firewall is handles by iptables (http://en.wikipedia.org/wiki/Iptables). There are many Graphical frontends to aid users like Gufw https://help.ubuntu.com/community/Gufw

Like  (0 likes)

Ubuntu has an inbuilt firewall caled ufw. The graphical version for it is...

Ubuntu has an inbuilt firewall caled ufw. The graphical version for it is gufw. U can search in the Ubuntu Software Center you will find it Ufw is installed by default and is one of the strongest firewalls ever.
OR u can use IPTables, the best.....
iptables is a user space application program that does packet filtering, network address translation (NAT), and port address translation (PAT). iptables can use for IPv4/ IPv6.

Like  (0 likes)