[techtalk] Fwd: Question re: Firewalls

James Sutherland jas88 at cam.ac.uk
Sun May 13 08:54:23 EST 2001


On Sun, 13 May 2001, Kriselda Jarnsaxa wrote:

> I have no experience setting up a firewall (except for the "preconfigured"
> kind you can get for windows), so I don't have a lot of understanding about
> how to firewall my Linux system.  What's the best place to find that kind of
> information?

IPCHAINS-HOWTO is a very good start, I think. Are you using a 2.2 or 2.4
kernel? 2.2 uses IPCHAINS, 2.4 has IPTABLES instead (2.0 had "ipfwadm").

If you're wanting to set up a firewall system between you and the
Internet, looking at something like Coyote Linux would be a good idea too:
they have a nice simple tarball. Download, run, it builds a Linux boot
floppy with all the configuration done for you: just boot your firewall
box from that floppy. Only useful if you're using a dedicated firewall
system, though...

I use Coyote at home, to provide NAT for my home LAN to the cable modem -
with the result an external port scan will show NO open ports at all.
(If I needed remote access to my machines, I could allow something like
SSH through fairly easily, as explained in the HOWTO.)

What sort of firewalling do you need?


James.
-- 
"Our attitude with TCP/IP is, `Hey, we'll do it, but don't make a big
system, because we can't fix it if it breaks -- nobody can.'"

"TCP/IP is OK if you've got a little informal club, and it doesn't make
any difference if it takes a while to fix it."
		-- Ken Olson, in Digital News, 1988
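
Added example, not part of the message above and not Coyote Linux's own configuration: a dry-run shell script that maps a kernel series to the tool named in the reply and prints an iptables (2.4) rule set for the NAT setup described, with nothing accepted from outside unless SSH is requested. The interface names eth0 (cable modem) and eth1 (LAN), the function names, and the choice to trust the LAN side are assumptions.

```shell
#!/bin/sh
# Dry run only: the rules are printed, not applied.

# Map a kernel release string to the packet-filter tool for that series.
fw_tool() {
    case "$1" in
        2.0.*) echo ipfwadm ;;
        2.2.*) echo ipchains ;;
        2.4.*) echo iptables ;;
        *)     echo unknown; return 1 ;;
    esac
}

# Print an iptables rule set for a NAT gateway.
# $1 = WAN interface, $2 = LAN interface, $3 = "ssh" to allow inbound SSH.
nat_rules() {
    wan=$1 lan=$2 allow=$3
    cat <<EOF
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i $lan -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $lan -o $wan -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE
EOF
    # Only replies to LAN-initiated traffic get in from the WAN side,
    # unless SSH is explicitly requested.
    if [ "$allow" = ssh ]; then
        echo "iptables -A INPUT -i $wan -p tcp --dport 22 -m state --state NEW -j ACCEPT"
    fi
}

# Count rules that accept NEW connections arriving on the WAN interface.
# Zero means an external port scan has nothing to connect to.
wan_openings() {
    nat_rules "$1" "$2" "$3" | grep -c -- "-A INPUT -i $1 .*--state NEW" || true
}

# Constructed sample run: eth0 = cable modem, eth1 = home LAN (assumed names).
nat_rules eth0 eth1 none
```

Review the printed rules before piping them to a shell as root on the gateway.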




