Re: Linux equivalent for ZoneAlarm?

From: Duane Arnold (darnold92@Insightbb.com)
Date: 08/21/02

• Next message: Duane Arnold: "Re: Hosting your own server at home"
• Previous message: Wes: "Re: Getting pinged through Netgear RT314 firewall ?!*#?!"
• In reply to: Robert Oschler: "Linux equivalent for ZoneAlarm?"
• Next in thread: David Schwartz: "Re: Linux equivalent for ZoneAlarm?"
• Reply: David Schwartz: "Re: Linux equivalent for ZoneAlarm?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Duane Arnold" <darnold92@Insightbb.com>
Date: Wed, 21 Aug 2002 04:16:38 GMT

Linksys's NAT and its SPI and any firewall you choose is pretty much useless
from attack on accepted traffic on an open port. Snort/IDS you may need on
the Linux box too.

I thought Linux had several firewalls one could install?

"Robert Oschler" <Oschler@earthlink.net> wrote in message
news:MtC89.4584$CD2.741519@e3500-atl1.usenetserver.com...
> I have Suse 7.3 Pro and I have been reading about SUSEFirewall. Since I
am
> behind a NAT router with stateful packet inspection (SPI) I can't see why
I
> would use SUSEFirewall/ipchains because I'm already getting NAT and IP
> masquerading with my LinkSys router. If there other benefits please tell
> me. What I would really like to have is a daemon like ZoneAlarm for PC's
> which would maintain a 'access permissions table by application' like
> ZoneAlarm does. Where it would prompt me to grant or deny rights for a
> particular app or process the first time they attempt to act as a server
or
> make a request over the Internet, and would remember my response for the
> future. Does anyone know of such a beast? Note: I am using the Linux box
> as a HTTP server so I would need the ix-ZoneAlarm candidate to be
compatible
> with that mode of behavior. If I just plain missed something in the SUSE
> doc's then 'mea culpa'. Just point me to a URL and I'll happily
> brain-crunch it.
>
> BTW, how does Port scanning prevention (stealthing) fit into products like
> SUSEFirewall?
>
> thx
>
>
>

---

• Next message: Duane Arnold: "Re: Hosting your own server at home"
• Previous message: Wes: "Re: Getting pinged through Netgear RT314 firewall ?!*#?!"
• In reply to: Robert Oschler: "Linux equivalent for ZoneAlarm?"
• Next in thread: David Schwartz: "Re: Linux equivalent for ZoneAlarm?"
• Reply: David Schwartz: "Re: Linux equivalent for ZoneAlarm?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Plusnet 2Mbps connection ... >> Stateful Packet Inspection (SPI). ... The NAT firewall hides computers on ... >> through the firewall to the connected computers. ... (uk.people.silversurfers) Re: hows this comcast product ... it's just a common NAT router with SPI. ... i do have windows xp firewall enabled as well as i haven't ... > however then i'd need a router without nat and spi, ... (comp.security.firewalls) Re: Plusnet 2Mbps connection ... > Stateful Packet Inspection (SPI). ... The NAT firewall hides computers on ... > through the firewall to the connected computers. ... (uk.people.silversurfers) Re: NAT vs Firewall ... SPI will help in logging, email alerts and stopping hacker attempts. ... Your NAT router might do this already as it may have other coding to see spoof, ... Firewall Type ... (comp.security.firewalls) Re: Re: Which Firewall is Best? ... > both NAT and SPI firewall...) ... not make the device a firewall. ... It's a dang nice application - about a year ago he sent me the ... (comp.security.firewalls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)