security setup without firewall?
- From: Tom Forsmo <spam@xxxxxxxxxx>
- Date: Sat, 09 Dec 2006 03:11:56 +0100
hi
I have been hearing from different sources that a truly good security setup does not require a firewall. Of course that depends on the situation for the system. but if one considers a single home computer, is it plausible to have basic security without a firewall?
The reason I am asking is that I am looking for the simplest way to centrally control which ports are open and for which adresses. The problem is that most firewall systems on linux are pretty complex, e.g. shorewall, and that makes it difficult to make it work properly.
I was initially thinking that setting hosts.deny/allow would cover a lot of ground. When I tested it, by setting deny: ALL:ALL, I found that SSH was affected but http was not. I also found that nmap finds all the ports open. Yhis suggest to me that if I dont use a firewall I have to separately configure all the different services to make a basic security config.
So the question is, is there a single file such as allow\deny that can be used to control visibility of ports and access in an easy way, or is a firewall the only real option for this (which mean that I would have to throw out shorewall and just use iptables directly)
tom
.
- Follow-Ups:
- Re: security setup without firewall?
- From: Michael Heiming
- Re: security setup without firewall?
- From: responder
- Re: security setup without firewall?
- From: left_coast
- Re: security setup without firewall?
- Prev by Date: Re: Securing telnet
- Next by Date: Re: security setup without firewall?
- Previous by thread: SUDO: executing as {any but non-root user} won't work
- Next by thread: Re: security setup without firewall?
- Index(es):
Relevant Pages
|
|
