Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Would appreciate some input on firewalls/security in ubuntu

  1. #1
    Join Date
    May 2008
    Location
    Tri-State Area, USA
    Beans
    100
    Distro
    Ubuntu 8.04 Hardy Heron

    Exclamation Would appreciate some input on firewalls/security in ubuntu

    Sorry if this has been addressed before. I am currently dual-booting ubuntu and win xp and would like to phase out windows. i've recently switched to ubuntu from opensuse 10.3 and am very pleased with ubuntu. my main concern is that my ubuntu setup is not as secure as my windows (ironically). in opensuse i used guarddog firewall which worked very well but firestarter seems flawed/infunctional at times and is generally annoying to work with. i am currently using "gnome-lokkit" which says all ports are closed though no programs i use have trouble connecting to the internet. if i can match the functionality of the zone alarm/peerguardian(for p2p use) combo i have on winxp then windows can go in the garbage.

    i am pretty familiar with how to use linux at this point, but i am not so good on the terminal with most of the fancy commands.

    any input on this would be greatly appreciated - thanks.

  2. #2
    Join Date
    Apr 2008
    Location
    UK
    Beans
    1,098

    Re: Would appreciate some input on firewalls/security in ubuntu

    Quote Originally Posted by Open-SuSe-A-Me View Post
    Sorry if this has been addressed before. I am currently dual-booting ubuntu and win xp and would like to phase out windows. i've recently switched to ubuntu from opensuse 10.3 and am very pleased with ubuntu. my main concern is that my ubuntu setup is not as secure as my windows (ironically).
    What do you base your concern on?

    in opensuse i used guarddog firewall which worked very well but firestarter seems flawed/infunctional at times and is generally annoying to work with.
    In what way did guarddog work well for you?

    i am currently using "gnome-lokkit" which says all ports are closed though no programs i use have trouble connecting to the internet.
    You're offering no services externally so a firewall is superfluous. And having no trouble connecting to the internet is good, is it not?

    if i can match the functionality of the zone alarm/peerguardian for p2p use) combo i have on winxp then windows can go in the garbage.
    Put it in the garbage anyway. Your single machine will gain nothing from having a firewall.
    Brian.

  3. #3
    Join Date
    May 2008
    Location
    Tri-State Area, USA
    Beans
    100
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Would appreciate some input on firewalls/security in ubuntu

    What do you base your concern on?

    A friend of mine who happens to be a linux novice told me that a firewall is basically unnecessary in linux, but having luck with guarddog i figured i would try firestarter out. almost immediately after configuration firestarter was blocking hits from various ports but i was startled to see constant blocks on port 54433 which i had been using for incoming connections for bittorrent on windows. is that bad or normal? this leads me to believe that i should maintain some protection but im not completely understanding how firewalls work on linux. i've read that the "iptables" is always active and stealths all ports by default. is that correct?

    my main question now after reading your response would be "if a firewall is superfluous on ubuntu, am i just as safe without one as i am on xp with ZA enabled?"

    In what way did guarddog work well for you?


    guarddog just seemed to work properly. if i enabled http:80, firefox would work, with http disabled it didnt, for example. firestarter only seemed to work for certain applications/ports, but its possible that i had it configured wrong.

    You're offering no services externally so a firewall is superfluous. And having no trouble connecting to the internet is good, is it not?


    what would be considered a service? pidgin, firefox, or azureus maybe?

    Put it in the garbage anyway. Your single machine will gain nothing from having a firewall.

    even while using, for example, azureus or other p2p apps? i felt somewhat secure with peerguardian blocking over 3 billion bad ip ranges. is there some way to do this in ubuntu?

    thanks in advance - i just want to make sure i'm not an online target or having major security flaws.

    -joe

  4. #4
    Join Date
    Jun 2006
    Location
    Washington DC, USA
    Beans
    149
    Distro
    Ubuntu

    Re: Would appreciate some input on firewalls/security in ubuntu

    Open-SuSe-A-Me, first of all, the Linux firewall is called IPTABLES. Such programs like Firestarter and Guarddog are just GUI front-ends to help make setting up IPTABLES a little easier.

    You're seeing that no ports are open and you can still access the Internet because "no ports open" means that you are not accepting connections from the outside in, but you can still connect from the inside out.

    if i can match the functionality of the zone alarm/peerguardian(for p2p use) combo i have on winxp then windows can go in the garbage.
    Put Windows in the trash because you've already surpassed the zone alarm/peerguardian functionality by installing Linux in the first place.

    (just saw your second post there so I decided to add on)

    what would be considered a service? pidgin, firefox, or azureus maybe?
    What brian_p is talking about when he said "you're offering no services externally" is that you're not running any server applications, like apache web server, FTP, etc. Basically services that are accessed from outside your network are considered "external services". Pidgin and the others aren't what he was talking about.
    Last edited by FastZ; May 3rd, 2008 at 08:00 PM.
    -Matt
    (Ubuntu user #9138)
    (Linux User #419497)

  5. #5
    Join Date
    Apr 2008
    Location
    UK
    Beans
    1,098

    Re: Would appreciate some input on firewalls/security in ubuntu

    Quote Originally Posted by Open-SuSe-A-Me View Post
    What do you base your concern on?

    A friend of mine who happens to be a linux novice told me that a firewall is basically unnecessary in linux, but having luck with guarddog i figured i would try firestarter out. almost immediately after configuration firestarter was blocking hits from various ports but i was startled to see constant blocks on port 54433 which i had been using for incoming connections for bittorrent on windows. is that bad or normal?
    Nothing was listening on port 54433 so the connection attempts were going nowhere. You'll have more peace of mind by removing firestarter and knowing what services you do have running.

    this leads me to believe that i should maintain some protection but im not completely understanding how firewalls work on linux. i've read that the "iptables" is always active and stealths all ports by default. is that correct?
    iptables keeps its rules in memory. You could use that memory for better purposes.

    my main question now after reading your response would be "if a firewall is superfluous on ubuntu, am i just as safe without one as i am on xp with ZA enabled?"
    Yes. And you rid yourself of the overhead which comes with ZA.

    what would be considered a service? pidgin, firefox, or azureus maybe?
    Already answered but you could add mail servers and ssh.

    Put it in the garbage anyway. Your single machine will gain nothing from having a firewall.

    even while using, for example, azureus or other p2p apps? i felt somewhat secure with peerguardian blocking over 3 billion bad ip ranges. is there some way to do this in ubuntu?
    Yes. Any serious security issue with an open source p2p application would be fixed very quickly. If you have a need to restrict who can connect you could look at tcpwrappers (/etc/hosts.allow and /etc/hosts.deny)

    thanks in advance - i just want to make sure i'm not an online target or having major security flaws.
    If you allow external access to your machine keep the software up to date and configure it sensibly. That's all that's needed.
    Brian.

  6. #6
    Join Date
    Jun 2006
    Location
    Washington DC, USA
    Beans
    149
    Distro
    Ubuntu

    Re: Would appreciate some input on firewalls/security in ubuntu

    Quote Originally Posted by brian_p View Post
    Nothing was listening on port 54433 so the connection attempts were going nowhere. You'll have more peace of mind by removing firestarter and knowing what services you do have running.



    iptables keeps its rules in memory. You could use that memory for better purposes.



    Yes. And you rid yourself of the overhead which comes with ZA.



    Already answered but you could add mail servers and ssh.



    Yes. Any serious security issue with an open source p2p application would be fixed very quickly. If you have a need to restrict who can connect you could look at tcpwrappers (/etc/hosts.allow and /etc/hosts.deny)



    If you allow external access to your machine keep the software up to date and configure it sensibly. That's all that's needed.
    I don't really think suggesting that he strip his machine of any firewall whatsoever is a very good thing to do. At a minimum, you should keep a default iptables configuration on your machine. There are viruses out there written for Linux as well so it's better to be safe than sorry in my opinion.
    -Matt
    (Ubuntu user #9138)
    (Linux User #419497)

  7. #7
    Join Date
    Apr 2008
    Location
    UK
    Beans
    1,098

    Re: Would appreciate some input on firewalls/security in ubuntu

    Quote Originally Posted by FastZ View Post
    I don't really think suggesting that he strip his machine of any firewall whatsoever is a very good thing to do. At a minimum, you should keep a default iptables configuration on your machine. There are viruses out there written for Linux as well so it's better to be safe than sorry in my opinion.
    The default iptables configuration will suit the OP well. It has served me splendidly for many years.

    You're not after thinking a firewall can deal with malware, are you? How does it do that?
    Brian.

  8. #8
    Join Date
    Mar 2007
    Location
    Connecticut
    Beans
    29
    Distro
    Ubuntu 7.10 Gutsy Gibbon

    Re: Would appreciate some input on firewalls/security in ubuntu

    Quote Originally Posted by brian_p View Post
    The default iptables configuration will suit the OP well. It has served me splendidly for many years.

    You're not after thinking a firewall can deal with malware, are you? How does it do that?
    What default iptables configuration? This?


    HTML Code:
    # iptables -nL
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

  9. #9
    Join Date
    Apr 2008
    Location
    UK
    Beans
    1,098

    Re: Would appreciate some input on firewalls/security in ubuntu

    Quote Originally Posted by SjRaptor View Post
    What default iptables configuration? This?


    HTML Code:
    # iptables -nL
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    Yes, that's the one. It's a superb configuration for the OP's circumstances.
    Brian.

  10. #10
    Join Date
    May 2008
    Location
    Tri-State Area, USA
    Beans
    100
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Would appreciate some input on firewalls/security in ubuntu

    thanks for all the input...i'll stick with the default. is there a way i can confirm that this is how my firewall is configured (in a terminal probably)? should i rely on the "shields up" website?


    thanks-joe

Page 1 of 3 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •