A Good Firewall to use
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: A Good Firewall to use

  1. #1
    Member
    Join Date
    Nov 2003
    Posts
    48

    A Good Firewall to use

    Firestarter.

    http://firestarter.sourceforge.net

    Can also be gotten from www.gnome.org

    For most Linux distros - GUI interface. Easy to configure and use. I have had a lot of luck with it.

    Thought others may find it useful as well.

    .: Aftiel

  2. #2
    Senior Member
    Join Date
    Nov 2002
    Posts
    139
    Thanks, been looking for some other alternatives!

    `pw

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Isn't this just a GUI to make it easier to configure the various build-in Linux firewalls?
    Looks nice though.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  4. #4
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    Posts
    1,018
    For *nix I would reccommend getting to grips with iptables.

    try this by er0k:

    http://www.antionline.com/showthread...light=iptables

    Or install webmin:

    http://www.webmin.com/download.html

    That gives you an easy way to configure.

    Steve
    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com

  5. #5
    Member
    Join Date
    Nov 2003
    Posts
    48
    Essentially what it does is replaces IPTABLES. It will still utilize the built in firewall scheme, although it "replaces" the process on the machine.

    Not physically, but in terms of running processes. With Firestarter running, IPTABLES is shown as not running.

    So yes, part of it provides a GUI for the OS Firewall, but it extends that ability just a bit.

    For me it is certainly convenient, and has been VERY stable, easy to install and use.

    It has all the expected capabilities as well - i.e. logging, etc.

    It also loads as a process on boot - so it hooks into the OS a bit farther than just a Glade interface.

    .: Aftiel

  6. #6
    Developer Extraordinar
    Join Date
    Jul 2002
    Location
    Internets
    Posts
    571
    Whoohoo for IPtables. Yes, all this program does it fix up your iprules nicely and easily so, you don't have to muck around with them, there is another good firewall here (http://firewall-jay.sourceforge.net) it's consol based, but it is very nice, and easy to use.

    MB
    Come to UnError.com

  7. #7
    Member
    Join Date
    Nov 2003
    Posts
    48
    I agree with learning ipchains/iptables. That is how I originally learned.

    Once I had an understanding and could set things up manually, I found Firestarter to be a nice fast way to make changes on the fly.

    I will never argue the point that the base mechanics of things should be studied/learned first. Good points.

    .: Aftiel

  8. #8
    Senior Member
    Join Date
    Mar 2003
    Posts
    135
    I have heard good things about firestarter, and I have played around with webmin a little and thought it was very good as well.
    I just wanted to throw another config app for iptables, though, and it's the one I use. No gui, but really simple, solid, and all that other good stuff.
    Shorewall

  9. #9
    Banned
    Join Date
    Nov 2003
    Posts
    182
    Well, as good as ipchains / iptables have become they still don't address 1 problem. A firewall *should* be a seperate entity dividing two segments. In the context of a network the firewall should seperate the public/private segments of the network. Many software firewalls don't address this issue. If the attackers are at the door, in many cases its already to late. Case in point would be.

    If you had a SW firewall running on the host machine, an attacker could use several automated attack tools to cause the FWs stateful inspection routeens to consume massive ammounts of system resources just to identify and prevent the attacks, resulting is a crude DoS situation.

    HW firewalls are the best way to go as a first layer of defence if you can spend the extra money. Then IDS and host-based FW's next. And don't forget USER EDUCATION!!!! The weakest link always breaks first.

    BTW I have a couple HW firewalls for sale that are no longer in use. PM if you're interested. 1 linksys, 1 sonicwall

  10. #10
    Member
    Join Date
    Nov 2003
    Posts
    67
    Sybase Works Very well for me... and I would NOT Recommend Mcafee Anything..

    Cheers
    [gloworange]The Only Way to be Safe is To Never Be Secure. [/gloworange]
    Benjamin Franklin

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •