Re: Firewall program for Debian?
On Tue, Aug 21, 2001 at 05:11:32PM -0400, dman wrote:
> On Tue, Aug 21, 2001 at 01:48:11PM -0700, Brandon High wrote:
> | On Tue, Aug 21, 2001 at 03:58:57PM -0400, Han Yoo wrote:
> | >
> | > Basically, I have the 2.2.19 kernel.
> | > Is any of the programs that you mentined easy enough to be utilized by a
> | > Debian novice without going into the heavy-duty configuration?
> |
> | 2.2.x uses IP-chains for its packet filter. This will allow you to block
> | certain ports and provide IP masquerade functions, but won't give you the
> | alerting provided by ZoneAlarm. You'll need to install an IDS (intrusion
> | detection system) as well.
>
> ipchains and iptables have a logging facility so you can log packets
> if you want to. It is still up to you to actually read the logs
> though.
>
> | I can't recommend one offhand, but you may want to ask on debian-security.
>
> tripwire is one I've heard mentioned here before.
>
Tripwire is not a firewall..rather it warns you about unexpected
file permission changes etc.
"Quote"
Tripwire is a file integrity checker - a utility that com-
pares a designated set of files and directories against
information stored in a previously generated database.
Added or deleted files are flagged and reported, as are
any files that have changed from their previously recorded
state in the database. When run against system files on a
regular basis, any file changes would be spotted when
Tripwire is next run, giving system administrators infor-
mation to enact damage control measures immediately.
"End Quote"
Cliff
> -D
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: