Re: Firestarter: how to auto start it?
--- Andrei Popescu <andreimpopescu@gmail.com> wrote:
> lmyho <lm_yho@yahoo.com> wrote:
>
> > I haven't lauch the gui firestarter yet, it's a good time, so I checked the
> > 'iptables -L', I do get many outputs, but for the three you listed, I got
> different,
> > please see:
> >
> > Chain INPUT (policy DROP)
> > target prot opt source destination
> >
> > Chain FORWARD (policy DROP)
> > target prot opt source destination
> >
> > Chain OUTBOUND (1 references)
> > target prot opt source destination
> >
> > Why is mine 'policy DROP'? And under these title lines, under 'target', lots of
> > them are ACCEPT, some are DROP. What happen? Does my firestarter running? Or
> do I
> > have something set wrong?
> >
> > I would highly appreciate your help! Thanks!
>
> I don't know too much about iptables, but here are some explanations.
>
> Policy DROP is normal and ok. Windoze firewalls call this 'stealth'. It
> means that, if somebody is trying to establish a connection to your
> computer, the firewall does not respond with a REJECT, but it will just
> DROP the IP packets. This makes it more difficult to establish if you
> really exist on the net.
>
> Some of the lines need to have ACCEPT, because if you close everything
> you won't be able to surf anymore.
>
> There are various sites on the internet that can scan you on request
> and give some indication of what your firewall is doing. But even if
> you get perfect results in such scans, you still need to keep your
> computer up-to-date with security updates.
>
> If you are serious about security there is lots of reading available on
> the net.
Thank you Andrei! I feel much better for my firestarter now. :)
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Reply to: