easy firewall utility?

mikEdub · n00b Joined: 02 Mar 2004 Posts: 8

I was wondering if there was an easy firewall utility such as fedora's (and I assume also redhat) redhat-config-securitylevel program. Where you can just check a checkbox to which ports you want open. It would be for Gentoo1.4. TIA

dvc5 · Posted: Thu Mar 25, 2004 8:20 pm Post subject: Re: easy firewall utility?

RSay · Posted: Fri Mar 26, 2004 1:28 am Post subject:

I use a graphical utility called FWbuilder which is in portage. It is somewhat more complex than the redhat firewall utility, but is more powerful.

I defined the networks that my systems usually run on and each individual computer at my house. After they are defined it is very easy to set up the rules of engagement between components.

It has many communication protocols built in. If you want to allow SSH from the home network, you just drag SSH protocol into the proper rule. The rules are built as components and they make sense when you read them out loud.

The other nice part is that you can don't have to run the program on every computer that you own. You can run FWbuilder on your desktop and set up the rules governing your server. FWbuilder will generate a script that you transfer to the server and run. If you have several computers that will use the same ruleset, things get even easier.

My friends have told me that I should learn to use shorewall but I haven't been able to figure it out yet.

Whichever way you go, make sure you port scan your system when you're done to be sure you didn't make a mistake.

Slurp53 · Apprentice Joined: 14 Jun 2002 Posts: 255 Location: Iowa

I use a package called Firestarter. It has a couple of check boxes and is very simple to setup.

_________________
"Welcome to the Pleasuredome" -- Frankie Goes to Hollywood

jimcooncat. · n00b Joined: 25 Mar 2004 Posts: 21

Gentoo is all about choice. I applaud that, but I realize there's a lot to keeping a box secure, and I personally don't have time to research all I would need to do it right.

I went with a smoothwall.org dedicated box (old 486-120 I had hanging around) and it performed like a champ. Made for a checkbox kind of guy, or one like me who'd rather concentrate on other aspects of life.

(Unfortunately it's nothing more exciting right now other than to get together an email server.) :_
_________________
JimCooncat
Fly-by-Night Operations Empowerment Advocate

dvc5 · Posted: Fri Mar 26, 2004 1:42 am Post subject:

Another cool Firewall if you have a dedicated machine for it is IPCop. It has a similar interface to SmoothWall, but I've found it to be a little easier to setup.
_________________
#define NULL rand() /*heh heh heh */

Green Is Good

Yamakasi · Apprentice Joined: 28 Sep 2002 Posts: 201

mikEdub · n00b Joined: 02 Mar 2004 Posts: 8

thanks for everyones suggestion

I've used FWBuilder previously and found that to be awfully difficult to understand (bear with me im a noob

) so I checked out firestarter....it was so easy I could even set it up :roll: