Which firewall do you recommend that works perfectly with Salix????
I have to say that this is a nice distro....I am keeping this one on my laptop. I had a lot of issues with Zenwalk and decided to give Salix a try....nice so far.
-2501
firewall
Re: firewall
I have no use for software firewalls and I have never used any of them. But you can take a look here: http://www.salixos.org/forum/viewtopic.php?p=3781#p3781
and read revoke's posts.
Re: firewall
Do you think that Salix or Linux does not need firewalls??? Why???
-2501
Re: firewall
It would be nice to have Firestarter or Gufw available for any user who needs one.
-2501
Ports Closed in Default Salix?
Hello,
I would like to know whether all service ports are at least closed* in the default configuration of Salix.
(*closed, if not "stealthed"; I realize that the latter is controversial, with some (many?) arguing that it is not only unnecessary to have all ports "stealthed" but may actually be undesirable.)
I searched these forums quite a bit before posting but could not find this info.
gapan wrote: I have a firewall built into my router. Why would I want to use a software firewall?
Well, first of all, maybe not you but any laptop that is used on any public or unknown/untrusted network certainly needs a software firewall.
But getting back to when one is behind a NAT router-- a hardware-based firewall: At the very least, does a software firewall not provide an additional layer of protection? Can anyone actually claim that a NAT router is absolutely impenetrable?
( Here is one router vulnerability that I recall seeing mentioned (though admittedly I don't know whether a software firewall would be any help in the event of such an attack):
arstechnica[dot]com/security/news/2010/07/millions-of-soho-routers-vulnerable-to-new-version-of-old-attack.ars )
"Comment is free, but facts are sacred." ~ C.P. Scott
Re: Ports Closed in Default Salix?
Dig_Res wrote: I would like to know whether all service ports are at least closed* in the default configuration of Salix.
No, they aren't. AFAIK ntpd is running by default, but it doesn't serve time to foreign hosts.
Dig_Res wrote: Well, first of all, maybe not you but any laptop that is used on any public or unknown/untrusted network certainly needs a software firewall.
Why?
Dig_Res wrote: But getting back to when one is behind a NAT router-- a hardware-based firewall: At the very least, does a software firewall not provide an additional layer of protection? Can anyone actually claim that a NAT router is absolutely impenetrable?
The firewall already is an additional layer of protection. Long story short: If no services are running, nobody can connect anyway.
EDIT: We are talking about desktops here. It's much more likely that you have a security problem in your browser, in your flash plugin, in your mail client, ...
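The claim in the post above, that only a listening service can be connected to, can be checked on any Linux machine by reading the kernel's socket tables. This is an added example, not part of the original thread: the sample rows are constructed, the function names are hypothetical, and it assumes a little-endian (x86) host because the IPv4 hex in these tables is in host byte order.

```python
"""List listening sockets from /proc/net/{tcp,udp} text and flag which are reachable off-host."""
import ipaddress
import socket
import struct

# Constructed sample in /proc/net/tcp and /proc/net/udp layout (not captured from a Salix box).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0A00A8C0:C350 5DB8D85D:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1003
"""
SAMPLE_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:007B 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 2001
   1: 0100007F:007B 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 2002
"""

# States that accept unsolicited traffic: TCP_LISTEN is 0A; an unconnected UDP socket shows as 07.
ACCEPTING = {"tcp": "0A", "udp": "07"}

def decode_addr(field):
    """Turn '0100007F:0277' into ('127.0.0.1', 631); the IPv4 part is little-endian hex."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def listeners(table_text, proto):
    """Return [(proto, ip, port, exposure)] for sockets waiting for inbound traffic."""
    found = []
    for line in table_text.splitlines()[1:]:          # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != ACCEPTING[proto]:
            continue                                   # established sockets are not listeners
        ip, port = decode_addr(cols[1])
        exposure = "loopback-only" if ipaddress.ip_address(ip).is_loopback else "network-reachable"
        found.append((proto, ip, port, exposure))
    return found

def exposed(report):
    """Ports a remote host could reach when no packet filter sits in front of them."""
    return sorted((p, port) for p, _, port, exp in report if exp == "network-reachable")

if __name__ == "__main__":
    report = listeners(SAMPLE_TCP, "tcp") + listeners(SAMPLE_UDP, "udp")
    for row in report:
        print("%-3s %-15s %5d  %s" % row)
    print("exposed:", exposed(report))
```

To audit a live system, pass the contents of `/proc/net/tcp` and `/proc/net/udp` instead of the samples; IPv6 sockets are listed in `tcp6`/`udp6` and are not decoded here.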
Re: firewall
The last time I went on holiday with my laptop I installed Shorewall, altered a few settings from one of the examples and left it to do its job. Beats micro managing an interactive firewall by a long way.
That said I have to agree with thenktor, if you don't have any services listening then there's nothing to exploit.
Re: Ports Closed in Default Salix?
Dig_Res wrote: I would like to know whether all service ports are at least closed* in the default configuration of Salix.
thenktor wrote: No, they aren't. AFAIK ntpd is running by default, but it doesn't serve time to foreign hosts.
Thank you for the prompt reply and I'm sorry for not getting back sooner.
Dig_Res wrote: does a software firewall not provide an additional layer of protection? Can anyone actually claim that a NAT router is absolutely impenetrable?
thenktor wrote: The firewall already is an additional layer of protection. Long story short: If no services are running, nobody can connect anyway.
Really?! I thought if any ports are open, it's only a matter of time before an attacker discovers them and finds a way in.
Whenever I have run a firewall that kept logs of blocked connections (most recently, Firestarter in Ubuntu), it always showed continual attempted connections from all kinds of unknown and suspicious sources. At least one every few minutes, many of them tagged as being "very dangerous".
On the other hand, such "blocked connections" were being logged even when I was connected through ISPs that seemed to block all or at least most ports from their end. (Online scans such as the ones at grc.com and pcflank.com would report the ports as closed even when I had turned off any firewall before running the scans.)
So I wonder whether it might not have actually been my ISP or, in many cases at least, even just the configuration of iptables itself (ports closed) that was actually blocking all those connections-- and not an app like Firestarter.
But still, regardless of how they were closed, the fact is that ports were closed and here you're arguing that even that isn't necessary.
thenktor wrote: EDIT: We are talking about desktops here. It's much more likely that you have a security problem in your browser, in your flash plugin, in your mail client, ...
That could be but I don't quite see the logic in ignoring one avoidable risk (i.e., open ports) just because other risks (i.e. browser and email exploits, etc.) may be greater. Seems to me that anyone serious about security would want to protect themselves against both risks.
Also, as somewhat of an aside, I have long wondered how much of a risk browser vulnerabilities actually pose when JavaScript as well as Java and all plugins are completely disabled.
pwatk wrote: The last time I went on holiday with my laptop I installed Shorewall, altered a few settings from one of the examples and left it to do its job. Beats micro managing an interactive firewall by a long way.
Interesting that you should mention Shorewall and "interactive firewall"...
The firewall in PCLinuxOS uses Shorewall. But the PCLOS firewall also has an "interactive" option as well as one to be alerted of intrusion attempts. (This was exactly the same in the just-released fork of Mandriva called Mageia, from where I think the whole "Control Center" that this firewall setup is part of originates.)
What's strange to me is that I have used PCLOS with this firewall many times and I always checked the "interactive" and alert options when setting it up. Yet, I never once got a single warning or prompt of any kind.
(Same ISPs and hardware as when I ran Ubuntu with Firestarter and got the constant intrusion attempt notices)
"Comment is free, but facts are sacred." ~ C.P. Scott