At 05:14 25.10.2001 -0400, you wrote: >Hi all, > >This is probably a FAQ, but I can't find the answer in the >e-mails I have so far.... Some background is needed. > >In common with quite a few people, I would expect, I'm a >long-time Windows hack trying out Linux because of Borland's >Kylix, aka Delphi for Linux. I'm starting from as near zero >knowledge of Linux as makes no difference. > >Living in a very rural area of Pennsylvania, I have a choice of >exactly one cable access provider, and they're a bit paranoid, to >put it mildly. They've managed to configure their access systems >in such a way as to (deliberately!) prevent use of a router as a >hardware firewall, unless you buy their much more expensive >"commercial" access. > >Now, when my machine is booted in Windows, I see an average of >something like 30 unauthorised access attempts a day (the >24.x.y.z IP address of most cable modems is an open invitation). >So far as Windows is concerned, I use Zone Alarm as a software >firewall, and everyone is reasonably happy (even if I'm still a >bit annoyed about having a perfectly good router sitting on my >desk doing nothing). > >I have two questions. > >1) Is there an equivalent to Zone Alarm for the Linux world - a >software firewall that will work "out of the box"?
yes there is - its called ipchains for 2.2.x kernels and iptables for 2.4.x kernels. ipchains/iptables is a part of linux and it offers the possibility to build up a real packet filter firewall by configuring a set of rules for your computer. if u really want to understand what ipchains does and how it does - and if u want to build up your own firewall with your own ruleset i would suggest u reading : 1) for ipchains the IPCHAINS-HOWTO 2) for iptables : man iptables, netfilter-hacking howto, iptables-howto, packetfilter-howto if u just want a quick and easy firewall u can try bastille firewall or tiny firewall (i dunno whether its the same) u can configure it with a gui within the mandrake control center (drakconf), theres a menu-item "firewall" under security. i dont know much about it because personally i prefer to build my own rules, but basically what it will do is, ask u a set of questions and build a ruleset related to your answers. search the mailing list archives for subject "bastille" and it should come up with numerous postings regarding bastille firewall....(its a frontend to ipchains/iptables i think) >2) If there isn't such a firewall, I'm being swamped by the >amount of documentation that I need to read - is there a Newbie's >guide to Linux security out there somewhere that will mean that I >can block out the hackers while I'm learning the rest of the OS? an excellent source for documentation of all kind is www.linuxdoc.org - they offer all the howtos and also guides (check these out - theres a linux security guide too i think) >Thanks, hth --quay ----------------------------- <!-- If privacy is outlawed,only outlaws will have privacy -->
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
