Re: Firewalls

From: Bit Twister (BitTwister_at_localhost.localdomain)
Date: 10/15/03

Date: Wed, 15 Oct 2003 15:24:36 GMT

On Wed, 15 Oct 2003 14:31:43 GMT, WeeBit wrote:
> Ok this is the problem. I have this one person who is saying I don't need
> a firewall on Linux on another newsgroup. alt.os.Linux.mandrake I guess
> this is pick on WeeBit day because this person swears I don't need one. I
> say I do need one. I DON'T want to be lazy, and not get the upgrades for
> the security patches, or to disable the daemons that I don't need. But I
> want the firewall as a added measure of protection because I will be a
> newbie on Linux. Plus to protect against threats that no one knows about
> yet. Do I need a firewall or not? Please explain why either way .

For the newbie, put in the firewall. If nothing else it will let you
drop the virus/worm attempts and help prevent a Denial Of Service (DOS)
attack from taking your box to it's knees.

It also helps meet your requirement
"I DON'T want to disable the daemons that I don't need"
and still gives a level of security.

The argument given to you is based on the fact that if you have no
programs/daemons talking to the outside world, the outside world
cannot get into your system. Same argument can be given for not
wearing seat belts, no wreck, no need for it.

Now as you turn on a deamon to respond to a connection on a port that
service becomes a target for the crackers to play with.

If you opened the port, say for a connection from work, you can tell
the firewall to allow connections from work and reject everyone else
making that more secure that letting anyone connect to the service.

The recomendation is to have multiple levels of security to improve
your odds of not being cracked.

If you would like to read some security links Look here

google_tag_cracked_4_next_time in the first box
alt.os.linux in the Newsgroup box, pick English

Scroll down for the links.

People can be pretty head strong on some things. For example
take some time to see some comments on telnet
Xns93FD6FED9472jbuserspc9org@ in the message id box

and view complete thread.

Relevant Pages

  • Re: IIS, homenetwork, teenager, sercurity
    ... Firewall. ... connection is giving you some hardware firewall protection. ... it is a good idea to have any PC that is connected to the internet ... Microsoft plugs their security holes with a patch ...
  • Re: [opensuse] nfs fails to start
    ... you launched your firewall. ... My POV is that security rule is a security rule. ... connection does not exist as opposed to merely 'cannot be initiated'. ... Installing Dovecot _should_ include installing ...
  • Re: Why a firewall for a PC?
    ... > as his ISP so that he can have a broadband connection. ... In the environment I work in, a firewall has a primary purpose ... > computers they can find, looking for open ports, etc. ... or outbound and implement TCP/IP Security on the XP O/S. ...
  • Re: Need help getting rid of popup called Messenger Service
    ... internet connection it gets back through. ... properly configured firewall. ... And ignoring or just "putting up with" the security gap represented by these messages is particularly foolish. ... Messenger Service of Windows ...
  • Re: small linux firewall/router advice
    ... It's really a bad idea to depend on security through obscurity. ... well as the local network interface. ... > I've also used a standard dial up connection with no firewall for over ...