Joe Laudadio on Mon, 1 May 2000 11:44:03 -0400 (EDT)



Re: [PLUG] Firewall question...



On Mon, 1 May 2000 DrexelDG@aol.com wrote:

> I got a few questions...
> 
> Who uses them?

Anyone who is interested in making their systems just a little bit more
secure from the threats that come with having a system connected to the
Internet. That is, anyone from the big multinational corporations all the
way down to the guy with a little network at home.

> What kind do you use?  Is there a commercial version that is better than a free one?

I use the built-in firewall features of the Linux kernel. As of kernel 2.3,
that's netfilter. For 2.2 kernels, it would be ipchains. Prior to 2.2
kernels it would be ipfwadm. As for commercial versions that are better, I
guess it all depends on your needs. CheckPoint is one commercial firewall
package that is available for Linux now, I believe.

> 
> A HOWTO file to config them?

Why certainly! The ipchains-HOWTO is available at your favorite HOWTO site;
you might already have it on your box. Have a look in
/usr/doc/HOWTO

> 
> Any additional information that I need to know?

There are different methods of firewalling. The most basic (and
the type present in the Linux kernel) is called packet
filtering. Basically, this looks at all IP packets and based on rules
allows or denies their passage through (you can do other things too, like
forward them somewhere else).

The disadvantage of simple packet filtering
is that your packet filtering firewall will not know anything about the
contents of your data. All it is concerned about are things like where
this packet originated from, where it wants to go, what port it came from,
what port it wants to go to, etc. It doesn't care whether this packet is
part of an ongoing HTTP conversation or whether this packet contains
information about X protocol. If you find that you need to be able to
distinguish between packets carrying different kinds of data, then you
might need a context-based firewall. To my knowledge, there aren't any
free packages out there to do context-based firewalling. You might need to
look into a commercial solution.

However, for most cases a packet filtering firewall will get the
job done. And because most protocols use a well-known port number, you
*can* decide which protocol to allow or deny based on the port it uses even
if your firewall software doesn't really know it's doing it.

mg


> 
> Thanks all...
> 
> Anthony
> 
> ______________________________________________________________________
> Philadelphia Linux Users Group       -       http://plug.nothinbut.net
> Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
> General Discussion   -   http://lists.nothinbut.net/mail/listinfo/plug
> 


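The reply above describes how a stateless packet filter decides: it looks only at protocol, addresses and ports, matches rules in order against a default policy, and never inspects payload. The following is an added example written for this archive page, not code from the post or from ipchains/netfilter; it is a small Python model of such a rule chain. The addresses (a LAN of 192.168.1.0/24, a web server at 192.168.1.10, outside hosts in documentation ranges) and the sample packets are constructed for the example. It shows both points the post makes: port-based rules let you allow or deny a protocol without the filter understanding it, and, as the second sample packet shows, anything sent to an allowed port passes regardless of what it carries.

```python
"""Toy stateless packet filter modelled on an ipchains-style rule chain.

Added example, not from the mailing-list post. It decides on the header
fields the post names (protocol, source/destination address, destination
port) and deliberately ignores the payload, which is the limitation the
post describes.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str               # "tcp", "udp" or "icmp"
    src: str                 # source IPv4 address
    dst: str                 # destination IPv4 address
    sport: int = 0
    dport: int = 0
    payload: bytes = b""     # a packet filter never looks at this field


@dataclass
class Rule:
    action: str                        # "ACCEPT" or "DENY"
    proto: Optional[str] = None        # None matches any protocol
    src: str = "0.0.0.0/0"             # CIDR; default matches any source
    dst: str = "0.0.0.0/0"             # CIDR; default matches any destination
    dport: Optional[int] = None        # None matches any destination port
    comment: str = ""

    def matches(self, pkt: Packet) -> bool:
        """True when every specified field of the rule matches the packet."""
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if ip_address(pkt.src) not in ip_network(self.src):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return True


class PacketFilter:
    """First-match rule chain with a default policy, like an ipchains chain."""

    def __init__(self, rules, policy="DENY"):
        self.rules = list(rules)
        self.policy = policy

    def decide(self, pkt: Packet):
        """Return (action, reason) for the first matching rule or the policy."""
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action, rule.comment
        return self.policy, "default policy"


# Constructed ruleset for a small home network (assumed addresses).
INPUT_CHAIN = PacketFilter([
    Rule("ACCEPT", src="192.168.1.0/24", comment="trust the LAN"),
    Rule("ACCEPT", proto="tcp", dst="192.168.1.10/32", dport=80,
         comment="public web"),
    Rule("DENY", proto="tcp", dport=23, comment="no telnet from anywhere"),
], policy="DENY")

# Constructed sample traffic arriving at the web server.
SAMPLE = [
    Packet("tcp", "203.0.113.5", "192.168.1.10", 40000, 80, b"GET / HTTP/1.0\r\n"),
    Packet("tcp", "203.0.113.5", "192.168.1.10", 40001, 80, b"not HTTP at all"),
    Packet("tcp", "203.0.113.5", "192.168.1.10", 40002, 23),
    Packet("udp", "198.51.100.7", "192.168.1.10", 53, 1024),
    Packet("tcp", "192.168.1.20", "192.168.1.10", 5000, 23),
]


def filter_packets(chain: PacketFilter, packets):
    """Apply the chain to each packet and return the list of actions."""
    return [chain.decide(p)[0] for p in packets]


if __name__ == "__main__":
    for pkt in SAMPLE:
        action, why = INPUT_CHAIN.decide(pkt)
        print(f"{pkt.proto} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}"
              f"  {action} ({why})")
```

Run it and note two things: the second packet is accepted by the "public web" rule even though its payload is not HTTP, because the filter only sees port 80; and the LAN host reaching port 23 is accepted by the earlier "trust the LAN" rule before the telnet deny is consulted, so rule order is part of the policy.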