Firewall Tips???

Place to discuss Fedora and/or Red Hat
moto526
scripter
Posts: 99
Joined: Tue Jun 13, 2006 11:59 pm
Location: California

Post by moto526 » Sat Jun 24, 2006 3:53 pm

Any of you have any tips for my firewall? I have had to open some of it up to get my BitTorrent client to work and I am wondering about security with my computer now. I am behind a NAT router so I am thinking I am still safe. Any opinions on this?

Void Main
Site Admin
Posts: 5712
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA

Post by Void Main » Sat Jun 24, 2006 4:39 pm

Depends on how you have your NAT router configured and what services you have exposed. Is the NAT router also a firewall or are all open ports on your Linux box exposed through the router? I usually set the iptables firewall to fully closed then edit the /etc/sysconfig/iptables manually to add iptables rules just the way I need them. You can also just use the system-config-securitylevel to add what ports you want open. I find that tool too basic for my liking because I also like to restrict some ports to specific source/destination IP address/ranges and you can't do that through that basic firewall tool. It does keep things simple though for people who aren't familiar with iptables. There are also many other GUI utilities out there to manipulate iptables ranging from simple (e.g. firestarter) to a very complex firewall system (e.g. firewall builder). I still prefer to enter my rules in the /etc/sysconfig/iptables file for basic servers and I run "shorewall" on my home firewall which is just an iptables wrapper.

P.S. I just nmap'd the address you posted this message from and all I see open is port 80 with IIS running on it (ewww). :) So if your Linux machine was up there were no ports exposed outside your router.
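
The approach described in the post above (start fully closed, then add rules by hand, some of them limited to a source range), shown as an added example that is not part of either poster's message. The BitTorrent port 6881 and the LAN range 192.168.1.0/24 are assumptions; substitute the port the client is configured to listen on and the local subnet.

```iptables
# /etc/sysconfig/iptables  (iptables-save format, read by the iptables service)
*filter
# Fully closed by default: drop anything inbound or forwarded that no rule accepts.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Local loopback traffic.
-A INPUT -i lo -j ACCEPT
# Replies to connections this machine started (web browsing, outgoing torrent peers).
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# BitTorrent listening port, open to any source (assumed port: 6881).
-A INPUT -p tcp -m state --state NEW -m tcp --dport 6881 -j ACCEPT
# SSH only from the local network (assumed range: 192.168.1.0/24).
# This is the per-source restriction the basic GUI tool cannot express.
-A INPUT -s 192.168.1.0/24 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
# Rate-limited log of whatever is about to hit the DROP policy.
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "
COMMIT
```

After editing the file, `service iptables restart` loads it and `iptables -L -n -v` shows the active rules with per-rule packet counters. Behind a NAT router the BitTorrent port is only reachable from outside if the router also forwards it to this machine.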

Post by moto526 » Sat Jun 24, 2006 5:41 pm

Good tips for me to look into tonight...

Yeah, I have my Windows server up and running, YEAH BABY! So that is why port 80 is wide open. I ran ShieldsUP! and that is the only port I found open also... Thanks for the tips, I want to be secure but also run the programs that I want to...

FYI: This is my first post with my Suse box!! Suse is sweet also...!
