I am new to the Ubuntu/Linix world (less than a week).
I have tried the search, but have had difficulty finding threads on this.
Can someone recommend an excellent firewall to use with Ubuntu?
What is a good IP filter/firewall program? Seeing as how I like free softwares, I download a lot of torrents. When I was using Windows, I used PeerBlock (the newer fork of PeerGuardian), however, it's not available for Linux. What would be a good alternative for this in Linux? I tried iplist as it has a GUI, and it was extremely buggy and blocked random web pages even after I put them on the exceptions list. And MoBlock has no GUI from I understand, nor has it been updated in years.
View 9 Replies View RelatedI'm looking for a good hardware firewall that will run on an older pc (ie 512 MB RAM and 1GHZ CPU) FOSS is preferable, but not required. I've tried Astaro, but it refuses to load after a restart. I'm hoping for AV as I support Windoze clients, and a VPN. Past that, I can deal with anything.
View 4 Replies View RelatedIs a firewall necessary on ubuntu? I've never thought about it until now. Do I need one? If so whats a good firewall to install? As you can tell im not too knowledgeable on this subject. I know (i think) linux has a built in firewall called iptables but ive never used it or looked into it.
View 9 Replies View Relatedim looking for a good firewall application.
View 2 Replies View RelatedI am running squeeze 6 on amd64 i like to know if there is guide how to setup a good firewall for dummies like me
View 7 Replies View RelatedI was just wondering if anyone uses 'Firestarter' firewall, and what you think of it?
View 13 Replies View RelatedCan we use iptables as firewall instead of Juniper firewall
View 2 Replies View Related1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
I have a Suse11 box with 2 network cards:
I have squid as a proxy on the Suse box, and with the default firewall I have to enable masquerading to allow clients on the eth3:1-3 to send and receive mail through the Suse box. I found the Suse firewall completely inadequate (all P2P software/connections are allowed once you enable masquerading) and had to install ConfigServer Security & Firewall. In die configuration of csf I could get my way around getting smtp to work for the eth3:1-3 clients, but pop3 connections does not go through the box. I know I need to allow port 110 and 995 to masquerade of NAT (or something) and then the same for port 22
I tried installing F-prot's linux scanner but it doesn't seem to want to install and I am tired of messing with it.
So I am wondering if I even need it or if there is something else.
I am behind a firewall already with my router if that helps any.
I guess I am having trouble understanding why virus protection is less necessary.
Do people not write viruses for linux systems?
I have enabled ssh key based logins for one of my servers and disabled normal password based logins. It just occurred to me that the public key which I generated on my pc, and uploaded to the servers authorized_keys, may in fact only apply to my local PC / user account. So basically if my system crashes I would have no way to login to the server...? Is it not possible to "share" public keys so other people (PCs / accounts) can use them?
View 3 Replies View RelatedI am new and i am worried about my data. So i want an Internet Security software for ubuntu.
View 9 Replies View RelatedI recently came upon an ubuntu variant called blackbuntu. Its in early release stages at this point, but its being marketed as a pen test distro. Exactly like Back Track, but in Ubuntu form. Was just wondering if anyone has had a chance to use this yet? All software that the distro uses is readily avilable in the ubuntu repositories already.
View 4 Replies View RelatedI have Ubuntu running on an old PE server. It is running Virtualbox with an instance of Ubuntu inside. The instance is there to run my honeypot.
The server box IP is192.168.1.10. The Virtualbox is bridged with it's own IP of 192.168.1.200. The honeypot daemon is listening to 192.168.1.201 with arpd.
I set up the UFW with DENY. And then enabled only the ports leading to the honeypot scripts which are abound to IP .201. I then forwarded the ports necessary to run VNC to .200.
Here is the UFW status:
buntu@ubuntu-desktop:/var/lib$ sudo ufw status
Status: active
To Action From
-- ------ ----
192.168.1.201 21/tcp ALLOW 21/tcp
192.168.1.201 4444/tcp ALLOW 4444/tcp
192.168.1.201 5544/tcp ALLOW 5544/tcp
[Code].....
rc.scripts, cron jobs, what else? Can hidden files be executed simply by going to a directory that has that hidden file inside it?
View 5 Replies View RelatedWill I need to actiavte the firewall that comes with Ubuntu since I'm using Transmission?
View 9 Replies View RelatedI have a VPS (Ubuntu 8.04 server eition) and as such am stuck with using a software firewall.
i currently have UFW installed.
I would ideally like to have my firewall be a little rude, or rather just not polite. I know what i am asking will break the RFC, but i consider this ok due to the security benefits.
I would like to have my firewall
1) ignore (eg drop without responding)all packets that dont start with a syn flag
2)for all other traffic that is currently blocked, have it dropped (again drop it without responding)
If there are any other rules you can think of i would like to know them. I already have only the services i want open and the rest blocked.
I've been using Windows for quite a few years now. I loved the way how I used to set incoming/outgoing rules for my applications. But I'm having hard time doing that in Ubuntu. I tried searching for a good GUI for iptables but I need your help selecting the best. I might learn iptables someday but for the time being I will be using a nice GUI. I'm currently using GUFW, I've tried Firestarter. All I need is a firewall that would allow me to configure rules for my applications.
View 9 Replies View RelatedI have set up a Ubuntu 10.10 server. I have been using ssh tunnels to encrypt my web traffic at public wifi. I am trying to make this server as secure as posible so I enabled ufw. I allowed SSH and HTTP traffic in and denied everything else. But when I do that I can not use SSH -D because when I try to visit a webpage it does not load and I get the following.
Code:
uname@mybox:~$ channel 3: open failed: connect failed: Connection timed out
^C
uname@mybox:~$ fclchannel 4: open failed: connect failed: Connection timed out
^C
uname@mybox:~$ exit
logout
What do I have to do to allow ufw to allow ssh tunnels through?
I am a Linux newbie so please bear with me if I sound stupid. I was checking out how to set up a firewall for my system and landed on this webpage: [URL]. But I am so confused with how this ufw application works. What I understand is that once I set it to "default deny" it prevents unauthorized incoming connection but what does it mean when the author says to add exceptions for services I need? When do I need to do that? Also what's an SSH server?
View 2 Replies View Relatedi want set up IDS(Intrusion detection system) and Firewall in my home just for learning.. The Goal is learn IDS log and Firewall log..
View 4 Replies View RelatedI had a hack on my oscommerce website recently. I have put in the relevant security patches but I need to check whether the hacker left any code changes in my files. What is a good file comparison software for linux? I need it to scan though the current files and folders and compare it the original default oscommerce installation so I can check the code.
View 14 Replies View RelatedI'm involved in a project to students set up a network security training lab using vmware. I want to simulate (in a very rough way) scanning through a poorly configured router or firewall. The easiest way I can think of to simulate this is to use a linux vmware image with two virtual nic cards to act as a firewall with the attacker on the outside network and a domain controller, web server, and database server on the inside network.
I would like to start students off with a firewall script that exposes everything on their internal network to the attacker. Is there an easy way to (mis)configure iptables to do this?. The model I'm trying to replicate is something like this. Attackers were on a 10.10.x.x network, defenders were on a 192.168.x.x network. As an attacker I could nmap 192.168.x.x and see every machine and every service on the defenders side even if they moved a service to an unexpected location. how I can implement a similar configuration using a linux image as firewalls/routers in vmware?
I have a set of iptables rules generated by Firestarter, and i'm in the process of trying to familiarise myself with iptables itself, but there's one particular rule which is confusing me, perhaps somebody could explain it to me
My INPUT chain reads as follows:
Code:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- cdns01.plus.net anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- cdns01.plus.net anywhere
ACCEPT tcp -- cdns02.plus.net anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
[Code]...
Given that the firewall is actually blocking packets, it can't be this simple, so what am I missing?
I'm running the firestarter firewall and its been showing the odd ssh attempt quite often. e.g. I've had 4 attempts today, 3 in the last 40mins. I realize that this may be nothing to serious but it's got me curious, aside from having a secure password (which I have) is there anything that else that I can do to ensure that my system is as secure as possible from ssh? I do use ssh within my home network so I don't want to disable it completely.
View 9 Replies View RelatedI have noticed interesting problem. I use two browsers - Firefox and Konqueror. Konqueror is configured to use tor, Firefox not. Using Gufw I block all incoming and outgoing traffic and it works while using Firefox, I mean that I can't view any www site and it is ok. But if I use Konqueror I can establish any conection. How to understand this? Should I have different firewall while using tor?
View 5 Replies View RelatedI know that GNU/Linux does not need a firewall (due to iptables), but I would like a basic firewall that would watch incoming and outgoing connections. I would prefer it to have a try icon and be able to run as a regular user, such that I can add it to my .fluxbox/startup file. Anyone know of any good ones? They don't actually have to interface into iptables (because I would do that myself), but if they do it would be a bonus.
View 4 Replies View RelatedI run a small (cabled) network between a desktop with XP with two printers hooked to it and a laptop with Ubuntu 10.04.1 64b. I can approach and use these printers from my laptop and filesharing works also. BUT ... this only works when my Ubuntu firewall (Gufw 10.04.5) is switched off. I am operating behind my router_modem which has a hardware type of firewall switched on at all times so I presume I'm safe. Now my questions:
1. Is this really safe enough?
2. What kind of settings would Gufw need to be able to use it AND use my mini-network for printing? I have no experience whatsoever with firewall rules and settings.
I want to have a firewall that is connected to my modem and router and have it function as just a firewall no dhcp no routing is that possible?
View 3 Replies View Related
