On Thu, 9 May 2002, Jay wrote:

> I have a question regarding firewalls. There are a variety of programs out
> there to accomplish this, but what are the differences. I am currently
> using Bastille that comes with Mandrake.
> I installed it via the GUI, but then went into
> /etc/Bastille/bastille-firewall.cfg and made some changes so only certain
> ports are open.
> If I were to use another firewall program to basically do the same thing,
> leaving only some ports open for specific servers what would be the
> advantages/disadvantages?

Other firewalls enable more granular control of what gets in and out. Bastille seems to be meant more for the home user who wants to get a small LAN going with NAT and basic firewalling than for explicit control.

This last weekend I tried out Securepoint, GuardDog and Firestarter. SecurePoint was a PITA to get going and required a 686 PC. It looks like it's the most feature-complete interface but it was too difficult to get it working. GuardDog and Firestarter work well, but also require Gnome or GTK, which was useless for actual deployment on my firewall (you can probably just copy the rules, however). Bastille, to its credit, does have a curses interface.

> Is there a firewall in which I can, for example, leave port 80 open for
> apache, yet have it appear stealthed from any scans (eg, using Nmap).

I don't *think* so because there's no way for the server to know that it's a valid client. I.e., a telnet to port 80 will look similar to an HTTP request from Netscape. You could probably find packages that will block requests from hosts when they see a number of probes, though.
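
Added example, not part of the original message: a sketch of the "block hosts after a number of probes" idea from the reply above. It reads firewall drop-log lines, flags sources that hit several distinct closed ports within a short window, and emits iptables rules that drop them on every port, including 80. The log lines, the FW-DROP log prefix, the thresholds and the function names are assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed sample: trimmed kernel log lines as written by an iptables LOG
# rule placed before the final DROP. The "FW-DROP: " prefix is an assumption.
# Port 80 is open, so normal web clients never appear in this log.
_L = "May  9 {} fw kernel: FW-DROP: IN=eth0 OUT= SRC={} DST=192.0.2.10 PROTO=TCP SPT=40000 DPT={} SYN"
SAMPLE_LOG = "\n".join(_L.format(*row) for row in [
    ("10:00:01", "203.0.113.7", 21), ("10:00:02", "203.0.113.7", 22),
    ("10:00:03", "203.0.113.7", 23), ("10:00:04", "203.0.113.7", 25),
    ("10:00:10", "198.51.100.20", 23), ("10:05:00", "198.51.100.20", 23),
    ("08:00:00", "198.51.100.99", 21), ("09:00:00", "198.51.100.99", 22),
    ("10:30:00", "198.51.100.99", 23), ("11:00:00", "198.51.100.99", 25),
])

LINE_RE = re.compile(
    r"^\w{3}\s+\d+ (\d\d):(\d\d):(\d\d) .*FW-DROP: .*?SRC=(\S+) .*?PROTO=TCP .*?DPT=(\d+)"
)

def find_scanners(log_text, min_ports=4, window_s=60):
    """Return sources that hit >= min_ports distinct closed ports within window_s."""
    hits = defaultdict(list)  # source address -> [(seconds since midnight, port)]
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a drop-log line
        h, mi, s, src, port = m.groups()
        hits[src].append((int(h) * 3600 + int(mi) * 60 + int(s), int(port)))
    flagged = []
    for src, events in hits.items():
        events.sort()
        for i, (t0, _) in enumerate(events):
            # Distinct ports probed in the window that starts at this event.
            ports = {p for t, p in events[i:] if t - t0 <= window_s}
            if len(ports) >= min_ports:
                flagged.append(src)
                break
    return sorted(flagged)

def block_rules(sources):
    """iptables commands that drop all traffic from the flagged hosts."""
    return [f"iptables -I INPUT -s {s} -j DROP" for s in sources]

if __name__ == "__main__":
    for rule in block_rules(find_scanners(SAMPLE_LOG)):
        print(rule)
```

A scanner that only ever touches port 80 leaves no trace in the drop log, which is the limitation the reply describes.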
