Re: firewall

To: debian-user@lists.debian.org
Subject: Re: firewall
From: Joe <joe@jretrading.com>
Date: Wed, 4 Jul 2012 09:04:44 +0100
Message-id: <[🔎] 20120704090444.3d496236@jretrading.com>
In-reply-to: <[🔎] B24C45DD-F0FB-47CF-A5ED-2163A377A30A@gmail.com>
References: <[🔎] CAG9cJm=YgTrfu7ayQFQH-7--iVUiMdEHE1sKYj7Ds7+k8_ZRhg@mail.gmail.com> <[🔎] 1341382519.2110.17.camel@precise> <[🔎] B24C45DD-F0FB-47CF-A5ED-2163A377A30A@gmail.com>

On Wed, 4 Jul 2012 15:04:03 +0800
lina <lina.lastname@gmail.com> wrote:

> 
> Ha... I just realized mine is exposed at least in our department.  I
> can see the open ports and the OS. Just sometimes wish it can be
> invisible in some way.  
> 

Most ports can be closed by configuration, even the infamous portmap
can be limited to localhost if you're not using it externally e.g. for
NIS or NFS. If you have a standalone Linux machine in a foreign
network, pretty much everything can be closed.

I'd have thought most of the simple firewall frontends would do what
you need. If they are simple to configure, then they tend not to be
very flexible, so if you need the full power of iptables, you have no
choice but to learn to use it. But just to keep out random automatic
attacks, which may or may not be looking for Linux machines in a
Windows network, one of the simple ones should work.

I gave firestarter a go on my workstation, but it didn't really suit me
and is now not under development. The package description suggests gufw
as a modern replacement, but I know nothing about that.

-- 
Joe

Reply to:

Follow-Ups:
- Re: firewall
  - From: Tom H <tomh0665@gmail.com>

References:
- firewall
  - From: lina <lina.lastname@gmail.com>
- Re: firewall
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
- Re: firewall
  - From: lina <lina.lastname@gmail.com>

Prev by Date: Re: firewall
Next by Date: Re: firewall
Previous by thread: Re: firewall
Next by thread: Re: firewall
Index(es):
- Date
- Thread