- Posts: 1700
- Thank you received: 0
Setting up a Linux Firewall
20 years 1 month ago #2941
by Neon
Replied by Neon on topic Re: Setting up a Linux Firewall
nnbnbIf you want to learn howto use IPTables I would recommend this site:
www.dalantech.com/ubbthreads/showflat.ph...5&o=&fpart=1
Unfortunately it is about ipchains not iptables but they are very similar. This is a good resource to know how iptables basically works. If anyone has another site like this I would love to hear from them
cannot know too much about iptables.
sahirh as for your question about a gateway firewall, I assume it is going to be running Windows so I would 100% recommend ZoneAlarm Pro. I don't know how big their budget is but I know if they spend a few more pennies on ZA they will not be disappointed but then again I’m sure you have thought of this too right?
If they are looking for a free firewall I will look around abit to see what kind of windows firewalls are out there.
I assume they just want to share the internet connection through the 2K box, be secure and nothing else?
www.dalantech.com/ubbthreads/showflat.ph...5&o=&fpart=1
Unfortunately it is about ipchains not iptables but they are very similar. This is a good resource to know how iptables basically works. If anyone has another site like this I would love to hear from them
cannot know too much about iptables.sahirh as for your question about a gateway firewall, I assume it is going to be running Windows so I would 100% recommend ZoneAlarm Pro. I don't know how big their budget is but I know if they spend a few more pennies on ZA they will not be disappointed but then again I’m sure you have thought of this too right?
If they are looking for a free firewall I will look around abit to see what kind of windows firewalls are out there.
I assume they just want to share the internet connection through the 2K box, be secure and nothing else?
20 years 1 month ago #2943
by Cheetah
Kind Regards,
<b>Cheetah</b>
<i>The outcome of devotion is, quality!</i>
Replied by Cheetah on topic Re: Setting up a Linux Firewall
Hi Nubs,
Dont worry. If you have figured out how to install Linux
then
2. Remove all the un needed packages. Remove mercilessly Please take care of dependencies.
3. Please figure out how to install webmin too, from www.webmin.com to fine tune your Linux box in all possible ways you can.
4. Finally for building the rules use the webmin module or www.fwbuilder.org
5. Read a lot, and the nice members (like me :twisted: ) and friend's at firewall.cx team is always their to help you. Chris, Sure Right ?
For Sahirh. (Just sharing thoughts)
1. Install the firewall builder daemon on your clients firewall machine.
2. Every time they need a change make the change from your soho/workplace & deploy it directly to the daemon at client's place over the wire Let them out source it to you
3. You can give the administrator the fwbuilder's xml config if he wishes to keep.
4. You can offer the client a short training for fwbuilder
Regards
Cheetah
Dont worry. If you have figured out how to install Linux
then2. Remove all the un needed packages. Remove mercilessly
Please take care of dependencies.3. Please figure out how to install webmin too, from www.webmin.com to fine tune your Linux box in all possible ways you can.
4. Finally for building the rules use the webmin module or www.fwbuilder.org
5. Read a lot, and the nice members (like me :twisted: ) and friend's at firewall.cx team is always their to help you.
Chris, Sure Right ?For Sahirh. (Just sharing thoughts)
1. Install the firewall builder daemon on your clients firewall machine.
2. Every time they need a change make the change from your soho/workplace & deploy it directly to the daemon at client's place over the wire
Let them out source it to you 3. You can give the administrator the fwbuilder's xml config if he wishes to keep.
4. You can offer the client a short training for fwbuilder
Regards
Cheetah
Kind Regards,
<b>Cheetah</b>
<i>The outcome of devotion is, quality!</i>
20 years 1 month ago #2944
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: Setting up a Linux Firewall
Neon, yep I'm currently considering ZApro and Sygate.. I've had bad experiences with Sygate in the past.. but it does allow for more configuration than ZA, plus I believe it has some rudimentary IDS capabilities as well.
I'm also going to shove a snort box on the network just for a bit of fun
Cheetah.. I was keen to use a linux box.. and still am keen, but I have to get this place up and running really quickly.. there is already a windows box as the gateway, for me to sit and format / reinstall / roll my own firewall will likely be too timeconsuming.. still.. you've tempted me !
I'm also going to shove a snort box on the network just for a bit of fun
Cheetah.. I was keen to use a linux box.. and still am keen, but I have to get this place up and running really quickly.. there is already a windows box as the gateway, for me to sit and format / reinstall / roll my own firewall will likely be too timeconsuming.. still.. you've tempted me !
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
20 years 1 month ago #2957
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Setting up a Linux Firewall
"Linux Firewall" are two words that always manage to grab my attention no matter what mood I'm in :lol:
I've been using IPTables since they came out and I can say they have been a blessing for the Linux Operating System! I strongly beleive that a propperly configured Linux system with a decent set of IPTable rules and some IDS software, can stand up against similair programs that cost a lot of money.
I consider myself an experienced ITables user and I've implemented them at my new job on our two main firewalls, one which over 250 users access the Internet and the other which protects our multi million dollar Oracle ERP system on which the whole company runs off, while each of the firewall's have a rule set over 340 lines
One thing I can say, is that you can never claim to know ITables fully.. after reading hundreds of articles, I still find new areas and cool ways to perform various tasks with them - and I ALWAYS use shell commands to configure them, but Cheetah's suggestion of fwbuilder has caught my attention!
I actually think its perhaps one of the very few decent 'graphical' programs used to configure ITables. I must admit it gives you the impression of a expensive firewall product!
Since IPtables is a very hot topic amongst the linux community we are planning to cover the topic in great depth once our current topic is complete. One thing is though for sure..... expect to see IPTables covered like you have never read it before!
If in the meantime anyone is considering implementing them (Chris rolls his eyes towards Sahir... :roll: .), let us know how we can help configure them rules of yours !
Cheers,
I've been using IPTables since they came out and I can say they have been a blessing for the Linux Operating System! I strongly beleive that a propperly configured Linux system with a decent set of IPTable rules and some IDS software, can stand up against similair programs that cost a lot of money.
I consider myself an experienced ITables user and I've implemented them at my new job on our two main firewalls, one which over 250 users access the Internet and the other which protects our multi million dollar Oracle ERP system on which the whole company runs off, while each of the firewall's have a rule set over 340 lines
One thing I can say, is that you can never claim to know ITables fully.. after reading hundreds of articles, I still find new areas and cool ways to perform various tasks with them - and I ALWAYS use shell commands to configure them, but Cheetah's suggestion of fwbuilder has caught my attention!
I actually think its perhaps one of the very few decent 'graphical' programs used to configure ITables. I must admit it gives you the impression of a expensive firewall product!
Since IPtables is a very hot topic amongst the linux community we are planning to cover the topic in great depth once our current topic is complete. One thing is though for sure..... expect to see IPTables covered like you have never read it before!
If in the meantime anyone is considering implementing them (Chris rolls his eyes towards Sahir... :roll: .), let us know how we can help configure them rules of yours !
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
20 years 1 month ago #2959
by nubs
Replied by nubs on topic Re: Setting up a Linux Firewall
Just a thought...
Could you get into compiling the kernel and talking about what packages and services that should be run for the linux box which will provide the best security. Anything and everything you should do before setting up IP tables?
Seems useless to set up iptables etc. if you have holes in your firewall due to services and applications that do not need to be run.
Btw, cheetah...I have been reading articles upon articles about linux and how to go about setting up the firewall. I will keep at it
nubs
Could you get into compiling the kernel and talking about what packages and services that should be run for the linux box which will provide the best security. Anything and everything you should do before setting up IP tables?
Seems useless to set up iptables etc. if you have holes in your firewall due to services and applications that do not need to be run.
Btw, cheetah...I have been reading articles upon articles about linux and how to go about setting up the firewall. I will keep at it
nubs
Time to create page: 0.155 seconds