kanotix.com

Networking - Firewall necessary?

ekp - 28.05.2006, 15:27 Uhr
Titel: Firewall necessary?
My Kanotix has closed ports by default. They however are not stealthed. To get there I have installed firestarter and am completely stealthed. I do see however a performance drop on connecting to an IP. Xchat is almost immediately connected without it but very slow in connecting with it.

On your basic Home Desktop is firewalling all that necessary?
devil - 28.05.2006, 16:22 Uhr
Titel: Firewall necessary?
i never use one, i am behind a router with NAT.

greetz
devil
ironwalker - 06.06.2006, 04:08 Uhr
Titel: RE: Firewall necessary?
I don't use one on my linux workstation.....I do use tcpspy and it shows on desktop with root-tail'ing proper log files,every connection in or out includeing failed ones.
Of course,you have to watch it constantly to stop anything suspicious but I dont expect anything suspicious.

I wouldnt mind stopping outgoing connections I didnt want going out,but I dont think I'd have many with linux just yet.
rich.bradshaw - 06.06.2006, 09:02 Uhr
Titel: RE: Firewall necessary?
I forward port 22 to my PC using my router, then use firestarter to restrict the IP addresses allowed to connect to it to computers I want to be able to connect. Though that's really an unneccessary step - I have disabled root login and have a pretty strong password.

If I didn't have a router though, I would use firestarter to block everything except port 22 for the computers I want.
markb - 06.06.2006, 13:17 Uhr
Titel: Re: RE: Firewall necessary?
rich.bradshaw hat folgendes geschrieben::
I forward port 22 to my PC using my router, then use firestarter to restrict the IP addresses allowed to connect to it to computers I want to be able to connect. Though that's really an unneccessary step - I have disabled root login and have a pretty strong password.

Do you realise you can just set "Allowusers *@here.com *@heretoo.com me@my.com ... etc" in your sshd_config?
rich.bradshaw - 06.06.2006, 17:18 Uhr
Titel: RE: Re: RE: Firewall necessary?
yeah, I probably would be better off doing that... There was an article somewher e the other day about firewall less security. It seems a good idea, make things secure instead of covering them with something secure, but leaving them unprotected otherwise, if you see what I mean!
Alle Zeiten sind GMT + 1 Stunde
PNphpBB2 © 2003-2007