[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Desktop firewall


gnome-lokkit would be a better candidate instead, but looks dead
upstream (last GNOME upload was in 2002) and is gtk+1 only. If someone
steps in with a new candidate or update gnome-lokkit, I would be glad
to reconsider.

Btw, do you have any removals suggestions? :) Replace candidates are
also ok, considering that we want more features and less resource
hungry software for Lenny (including disk, cpu and memory).

On 6/8/07, André Luiz Rodrigues Ferreira <andrelrf@gmail.com> wrote:
Hi all,

I'm using the Sid desktop and would like to suggest the inclusion of a
firewall in Desktop task on tasksel.
A firewall does not guarantee security but it is in most environments
the first line of defense against network based attacks.

Which firewall can we use?
I suggest Firestarter[1].
Firestarter is an Open Source visual firewall program. The software
aims to combine ease of use with powerful features, therefore serving
both Linux desktop users and system administrators.
I use this for 4 years and think very easy for novice users.

Firestarter features:

    * Package stable on Debian[2]
    * Open Source software, available free of charge
    * User friendly, easy to use, graphical interface
    * A wizard walks you through setting up your firewall on your first time
    * Suitable for use on desktops, servers and gateways
    * Real-time firewall event monitor shows intrusion attempts as they happen
    * Enables Internet connection sharing, optionally with DHCP
service for the clients
    * Allows you to define both inbound and outbound access policy
    * Open or stealth ports, shaping your firewalling with just a few
mouse clicks
    * Enable port forwarding for your local network in just seconds
    * Option to whitelist or blacklist traffic
    * Real time firewall events view
    * View active network connections, including any traffic routed
through the firewall
    * Advanced Linux kernel tuning features provide protection from
flooding, broadcasting and spoofing
    * Support for tuning ICMP parameters to stop Denial of Service (DoS) attacks
    * Support for tuning ToS parameters to improve services for
connected client computers
    * Ability to hook up user defined scripts or rulesets before or
after firewall activation
    * Supports Linux Kernels 2.4 and 2.6
    * Translations available for many languages (38 languages)

-- stratus

Reply to: