-
April 24th, 2003, 02:44 PM
#1
Member
BEST FIREWALL For RED HAT LINUX 8
I am new to Linux. I am using Red Hat Linux 8.0 Pro. They say that it comes with a firewall. How good is this firewall? Is it something like Windows XP version of firewall? Do I need to get another firewall like Zone Alarm ? If I need to get one, which one do you recommend for Linux?
Thank you for answering my question.
-
April 24th, 2003, 02:55 PM
#2
I am not a linux guru, nor do I claim to be. However, I do know Linux comes with a built in firewall called Ipchains (and in newer versions, IPTables, a more powerful firewall).
Good luck!
[shadow]uraloony, Founder of Loony Services[/shadow]
Visit us at
[gloworange]http://www.loonyservices.com/[/gloworange]
-
April 24th, 2003, 02:57 PM
#3
i'm scrapping my Mandrake box and installing RedHat...
i'd like to set IPTables? up for my new box...
what kind of stuff should i google for?
Creating a FireWall...
http://www.redhat.com/support/resour.../firewall.html
Example RedHat IPCHAINS Script...
http://www.redhat.com/support/resour...llservice.html
When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
http://www.AntiOnline.com/sig.php?imageid=360
-
April 24th, 2003, 02:59 PM
#4
google for "newbie IPTables help" "Iptables help" "help with IPTables" "IPTables tutorial" "setting up IPTables" or anything along those lines.
Good luck!
[shadow]uraloony, Founder of Loony Services[/shadow]
Visit us at
[gloworange]http://www.loonyservices.com/[/gloworange]
-
April 24th, 2003, 03:05 PM
#5
The more important question here is, "Which firewall best suits my needs?" Sit down and determine what your firewall needs to do then decide which firewalls perform the tasks well. This will save you some time and sanity - trust me.
The canned firewall that comes with RedHat 8 will work fine for most home users. It uses, as you already know, IPTABLES, which can be manipulated either command line or through the GUI that comes with KDE/GNOME, etc.
If you are unfamiliar with firewall configuration, I'd suggest that you read up on IPTABLES and how it works *before* you depend on it securing your network. One of my *favorite* things to find is a misconfigured firewall.
Anyway, before I go off on an unsolicited rant go ahead and search the forums here on how IPTABLES works and how to configure IPTABLES. There are plenty of talented folks here who have addressed this in the past and I know that it will help you too.
Good luck!
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
April 24th, 2003, 03:13 PM
#6
IPchains no longer exists it was replaced by IPtables. IPtables is a great firewall, but a nightmare to configure. Look at Iptables configuration scritps like gSheild. If you can wait I will be writeing up a tut on this tonight and tomarrow (hope ot have it up saterday...I am a slow writer.)
-
April 24th, 2003, 03:19 PM
#7
hey hey hey
Hey , here is a few How-To's / FAQ's / etc...
i just found these off of the redhat site...
www.redhat.com
hope this helps some of my fellow newbies
sorry about the .zip - i'm at work on my winblows box, eh...
When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
http://www.AntiOnline.com/sig.php?imageid=360
-
April 24th, 2003, 04:17 PM
#8
-
April 24th, 2003, 11:12 PM
#9
If your not running any kinds of servers, you be good just using the security level configuration tool. Set it to high (that is the default). You should be rather secure as it would appear that no open ports are available from the outside. Use nmap to scan your ip address. If you decide to run a server, you can always customize the security level, to allow incoming server requests.
Thanks,
PuRe
.
-
April 25th, 2003, 05:10 AM
#10
- Iptables is really a very good packet filter firewall, and you will find in general that 'real' packet filtering firewalls
are complicated to configure, this is true even on the most advanced commercial firewalls like those of Checkpoint.
So with this I say it behooves you to learn Iptables well, because it is a quite capable firewall and greatly surpases
the abilities of tools like Black Ice and Zone Alarm and the other laundry list of sub-par firewalls for Windows/Mac,
and is essentially an Industry grade packet filtering firewall.
- Syntactically, ipfw that comes with OpenBSD and FreeBSD is a fair bit easier as the rule sets are essentially plain
english (e.g {$fwcmd} allow tcp from any in 192.168.1.0/24 to 192.168.2.1 on 25 established ), etc. This option
does not help you unless A) you have a spare box that you can load OpenBSB or FreeBSD on, or B) you decide
to use either FreeBSD or OpenBSD on your workstation.
- If you can at all afford it ( a 486 with a 10/100 NIC can make a good firewall using iptables/ipfw) you really should
try to place your firewall between your network/workstation and the internet at a minimum.
----- Sorry for the long winded mumbo jumbo, this is a favorite topic ----------------
Get OpenSolaris http://www.opensolaris.org/
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|