Good Linux Firewall

Rifter

Lifer
Oct 9, 1999
11,522
751
126
Title says it all: I want a good Linux firewall. My definition of good is as follows:

1. Good-looking GUI
2. Ability to identify the attacker (like Black Ice can)
3. Ability to stealth all ports (also like Black Ice)
4. Dynamic (in that when I want to do something like gaming, it will automatically open the needed ports and allow me to transmit and others to access, such as a game server; also like Black Ice can)

I guess pretty much what I am looking for is Black Ice for Linux. Being free would also be nice but not needed; however, a trial version will be needed if it isn't free, as I won't buy something until I try it. It doesn't really need to be too user-friendly, as I do know a lot about servers and have used various firewalls for NT machines (everything from basic software firewalls to Cisco PIX systems), but I have no Linux command line experience; that's why I want a good GUI. Thanks guys!!!!!
 

GL

Diamond Member
Oct 9, 1999
4,547
0
0
You can set up Linux firewalling in the kernel that is as good if not better than BlackIce. You will not find a GUI for this (you're in Linux... who needs a GUI anyways?!). You can find a good Linux firewall HOW-TO at your local mirror of the Linux Documentation Project, and another great site for configuring the necessary files related to the firewall is Linux Firewall Tools.

I know this isn't what you're looking for, but if you familiarize yourself with the command line (and to be of any use in Linux you should), then this should be a cinch. Also, all your dynamic stuff could be done in your choice of a scripting language, as I've done something similar before. However, it is not done for you out-of-the-box.

-GL
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
Hmmmm, there has to be a GUI for it. I really don't want to spend too much time learning the command line; I don't have a lot of time right now to learn, work has been busy as hell lately. Someone has to know of a decent GUI firewall; it doesn't have to be commercial quality, it just has to get the job done.


[edit]Link for Linux Documentation Project would be handy[/edit]
 

FUBAR

Senior member
Oct 11, 1999
618
0
0
People have tried to make GUIs for the rc.firewall file, that's about it. Other than that, you're stuck. Most of the people doing the stuff like firewalls want to see EVERYTHING and be able to add a goofy little option that your GUI of choice won't/can't allow for. Hence no GUI.
 

Shuxclams

Diamond Member
Oct 10, 1999
9,286
15
81
Psionic is working on a GUI-based version of PortSentry, LogCheck and HostCheck(?) as a complete bundle, but it isn't available yet. Not to berate you, but if you are so happy with BlackIce, why frustrate yourself with a more secure, more reliable and more customizable Linux IPMASQ?


SHUX
 

jsm

Banned
Oct 11, 1999
971
0
0
I think you might want to check out some software like Storm Firewall or even Netmax's firewall software. They are commercial releases that MIGHT just have what you are looking for. Anyhow, you really should be running Check Point FW1 on a Nokia box.
 

Sunner

Elite Member
Oct 9, 1999
11,641
0
76
Them Nokia boxes cost like there's no tomorrow.

You'd be better off buying a Sun box and hiring a consultant to set it up for you.

Anyway, isn't there a GUI for ipchains in RedHat7?
Haven't tried it myself, but if I recall correctly, it says so on RedHat's site.

There's always Fuego, not sure who makes it though.
It's based on ipchains, but is a more complete solution like FireWall-1.

Oh and BTW, BlackIce is not in the same class as a Linux-based firewall running ipchains.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
I want a Linux firewall because I use Linux now 70% of the time. And what is IP chains?
 

ArkAoss

Banned
Aug 31, 2000
5,437
0
0
But how can you run Linux and not have encountered the prompt? I have tried a version of Linux where I can't even get a prompt; I have to navigate it through snow and static. It's actually because it doesn't like the video card I was using, and also it doesn't like hard drives with multiple partitions or drives over 20 GB. The only version of Linux I've been able to get running was a floppy-sized version, Freesco, very nice. Firewall and routing, but I don't have a system yet to set aside for it.

Feel free to criticize me and tell me I'm wrong, and give me hints and help in my stupidity, for I have only been a Linux convert for a week.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
Thanks Doug, I got that program. One question: can it stealth ports? With it running the ports show up as closed; I want them stealth, so no one can even tell if my computer is on or not. Thanks.
 

andri

Senior member
Aug 12, 2000
339
0
0
Probably you just want to get packets dropped (-j DENY) instead of rejecting (-j REJECT) them.


And IPChains is the interface for the Linux 2.2 built-in firewall.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
OK, well, I got it working, kind of. Now with it on, and set to allow HTTP only, I can't!!!! surf the net, I can't ping anyone, I can't do anything, but on the bright side my ports are stealthed lol. Please help!!!


[edit]Do I really need 2 network cards??? Right now I have 1 for my cable connection and for my LAN; why would I need 2 like it says?? They would both be going to the hub anyway, so what's the point???[/edit]
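
The DENY-versus-REJECT choice suggested above, together with one common reason a default-deny ipchains input chain also blocks browsing and ping, shown as an added example that is not part of any post in this thread. ipchains is stateless, so reply traffic has to be allowed explicitly. Assumptions: the external interface is `eth0`, `build_rules` is a hypothetical helper, and the program used in the thread and its actual settings are not shown on the page.

```shell
#!/bin/sh
# Added example: single-host ipchains (Linux 2.2) input rules.
# Dry-run by default: commands are printed, not executed.
# Set IPCHAINS=/sbin/ipchains (as root) to apply them for real.
IPCHAINS="${IPCHAINS:-echo ipchains}"
EXT_IF="${EXT_IF:-eth0}"   # assumed external interface name
DNS_SRC="${DNS_SRC:-0/0}"  # narrow this to your resolver's address

# build_rules TARGET
#   DENY   = drop silently, port looks "stealth" to a scanner
#   REJECT = send an ICMP error back, port looks "closed"
build_rules() {
    target="$1"
    case "$target" in
        DENY|REJECT) ;;
        # DROP is the iptables name; ipchains calls it DENY.
        *) echo "usage: build_rules DENY|REJECT" >&2; return 2 ;;
    esac

    $IPCHAINS -F input
    $IPCHAINS -P input "$target"          # default for unmatched packets
    $IPCHAINS -A input -i lo -j ACCEPT    # local loopback traffic

    # Stateless filter: replies to connections this host opened must be
    # let back in. "! -y" matches TCP packets that are not a bare SYN,
    # which covers the return half of outbound HTTP.
    $IPCHAINS -A input -i "$EXT_IF" -p tcp ! -y -j ACCEPT

    # DNS answers arrive from UDP source port 53. A source-port match
    # is weak (the port can be forged), hence DNS_SRC above.
    $IPCHAINS -A input -i "$EXT_IF" -p udp -s "$DNS_SRC" 53 -j ACCEPT

    # Replies to our own pings, and ICMP errors for our own traffic.
    $IPCHAINS -A input -i "$EXT_IF" -p icmp --icmp-type echo-reply -j ACCEPT
    $IPCHAINS -A input -i "$EXT_IF" -p icmp \
        --icmp-type destination-unreachable -j ACCEPT

    # New inbound connection attempts (SYN set): log, then DENY/REJECT.
    $IPCHAINS -A input -i "$EXT_IF" -p tcp -y -l -j "$target"
}

build_rules "${1:-DENY}"
```

Without the `! -y`, UDP 53 and ICMP rules, a default-DENY input chain silently discards the answers to the host's own requests, which would match the "stealthed but nothing works" symptom.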
 

ArkAoss

Banned
Aug 31, 2000
5,437
0
0
No, you're OK, that is what I meant: one to the cable modem and one to the network, on whatever system has the cable modem. No need for more, unless you want the cable modem system to be a nexus for 2 networks, like one NIC for cable, one for network A, one for network B, but then there are routers for that; not cheaper but easier.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
I think you misunderstood, ArkAoss. I only have ONE network card, not 2. Why would I need 2?????
 

doug

Senior member
Oct 18, 1999
259
0
0
Short answer is that you can't really make your network secure with only one network card.

You must have your cable modem plugged into your hub; this is a very bad idea. All the other machines on your network are then open to attack from the outside. Someone from outside can now impersonate your firewall machine or other IP addresses in the range that you are using. You have basically left yourself at the mercy of the security provided by your cable ISP, which from what I hear is usually pretty bad.
If this is what you have done then you should install a firewall on all of your machines. Maybe that is what you have done; normally Linux is used as a firewall to protect the rest of your network, not just to protect the one Linux machine.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
Well, there has to be a way to make it protect just one machine, isn't there??? And the other machine on the network is secured very well; it's running Win2k Advanced Server, using MS Proxy 2.0's port filtering and Win2k's basic port filtering. I would say it's pretty secure. Now how do I make MY Linux box secure???
 

doug

Senior member
Oct 18, 1999
259
0
0
Rifter, yes you can use these same tools to protect just your Linux box.

What you are doing seems very odd to me though.

Normally you put a firewall between your internal network and the big bad internet. What you are doing is assuming that your internal network is the internet and each machine is protected individually. Now that is fine until you start sharing resources between the machines (e.g. one as a fileserver). In your model, allowing your machine A to share files for machine B opens A up to the internet instead of being safely behind your firewall. I guess if your machines don't interact then what you are doing is fine.
 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
They don't interact, they are just networked for the modem, that's it. We used to share files but not anymore; well, we still do, but through an FTP set up on my dad's comp.
 

StuckMojo

Golden Member
Oct 28, 1999
1,069
1
76

I've always kinda wondered what the point of running a firewall on an individual machine is. Why not just turn off the services u don't want ppl to connect to? The only benefit I can see is the "stealth port" thing... which probably still leaves you open to denial of service from a flood, as it still has to examine the packet to decide to drop it.

Why block 65530 ports that have nothing listening on them?
 