Re: {G}newbie please help need to settup basic firewall

[Michael Bergbauer <michael@noname.franken.de>]

On Fri Jun 06, 2003 at 07:4510AM -0000, Gregory Machin wrote:
> Please advise on what how i should setup a basic firewall, what deamon
> should i use.. how to i close ports to the outside world ?? etc ..

First of all, you need some kind of concept, you need to know which 
risks there are, and which of them are important enough that you need to 
protect your network/host against them. Then decide how to do the 
protection. 

There are several ways to do so, e.g.
- no connection to the internet at all
- no publicly available services (and thus, no listening ports on the 
computer)
- somethink like a packet filter, that has some rules allowing and 
denying communication to certain partners, at different stages
- on the gateway machine routing deactivated and usage of (transparent) 
proxies on this machine

It's not just compiling iptables into your kernel and add a few rules to 
it, you have to know why you want to do this, what goal you want to 
achieve. 

You don't give much information about what you want to do, you don't 
even state what kind of network you want to protect (Corporate, SOHO, 
single workstation), so it's really hard to give you serious advice.

-- 
Michael Bergbauer <michael@noname.franken.de>
use your idle CPU cycles - See http://www.distributed.net for details.
Visit our mud Geas at geas.franken.de Port 3333