LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 7th, 2014
Linux Advisory Watch: April 4th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Firewalls
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Hitting a Wall: the Great UTM Challenge  27 May 2009 
Source: CIO / InfoWorld - Posted by Anthony Pell   
In the beginning was the firewall, and it was pretty good. A big box of rules that sat between your network and the evils of the Internet, the firewall examined ports and protocols to decide which packets got in and which were barred at the door. Then things got, as things often do, complicated. New threats came sneaking in on trusted protocols, ports and protocols became tangled, and looking inside packets became just as important as noting their source, destination, and type.
 
5 Best Linux/BSD Firewall Tools  19 December 2008 
Source: IntranetJournal - Posted by Bill Keys   
Over the course of recent years, some people have found the quality of most out-of-the-store firewall appliances either lacking functionality or worse, set at a price that has made them generally out of reach. Because of this issue, I thought it would be beneficial to write an article to better highlight what works and what does not with regard to turning an older PC into a standalone router/firewall appliance. What do you think about this list of firewall tools? Did they miss anyones that should be on it?
 
OSF - Passive OS Fingerprinting For IPtables  09 December 2008 
Source: ioremap.net - Posted by Bill Keys   
Passive OS fingerprinting netfilter module allows to passively detect remote OS and perform various netfilter actions based on that knowledge. This module compares some data (WS, MSS, options and it's order, ttl, df and others) from packets with SYN bit set with dynamically loaded OS fingerprints. Starting from 2008_07_01 version OSF works only with Xtables, so you have to upgrade to recent kernels (and ename xtables support) and iptables (tested with 1.4.1.1). Also note, that Debian (starting from Lenny) has serious problems with iptables-dev package, which does not contain needed headers, so better install iptables from sources. Have you ever hear about a netfilter module that does passive OS fingerprinting? If you are interested in learning more about this check out this article.
 
SmoothWall Simplifies Open Source Security  24 October 2008 
Source: enterprise networking planet - Posted by John P. Forman   
But Astaro is certainly not the only game in town another well known name in this market is SmoothWall Ltd, a UK based company which maintains an open source firewall project also called SmoothWall. This software has been evolving for the last eight years, the current version being called SmoothWall Express 3.0 The latest open source firewall appliance from UK company SmoothWall includes load balancing, web filtering, and can also act as a VPN gateway. Check it out in this informative article.
 
Firewalk - Firewall Ruleset Testing Tool  16 October 2008 
Source: DarkNet - Posted by Bill Keys   
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or UDP packets with a TTL one greater than the targeted gateway. If the gateway allows the traffic, it will forward the packets to the next hop where they will expire and elicit an ICMP_TIME_EXCEEDED message. If the gateway hostdoes not allow the traffic, it will likely drop the packets on the floor and we will see no response. Do you need to test your firewall? This article look at the firewall rulset testing tool called Firwalk. Test it how and let us know what you think?
 
Simplify System Security With the Uncomplicated Firewall  02 October 2008 
Source: Linux.com - Posted by Bill Keys   
The Uncomplicated Firewall (UFW) is a new tool from Ubuntu whose goal is to make configuration of the built-in Linux packet filter less complicated and more secure for novice users. You must run UFW commands as root, so in Ubuntu, you must preface them with the sudo command. With UFW, enabling and disabling packet filtering is a simple matter of issuing the sudo ufw enable and sudo ufw disable commands. You set the default policy for filtering packets by running the sudo ufw default command and passing the allow or deny argument, depending on what you want to achieve. If you issue the sudo ufw default allow command, all incoming packets will be allowed by default, creating a very unsecure packet filter but giving you the broadest range of allowed services. Have you tested the new Firewall tool from Ubuntu that says that it makes packet filtering easier? There are tons of GUI firewall tools who's goal is to make it easy for novice users. So my question is why do we need another one?
 
Devil-Linux Bundles Router/Firewall and Server in One Live CD  29 September 2008 
Source: Linux.com - Posted by Bill Keys   
Devil-Linux might sound hellish for a Linux distribution, but this live CD offers many blessings for your server needs. Originally developed as a router/firewall distribution, Devil-Linux has expanded its functionality to include nearly every service that a server might offer. It can function as an LDAP server, a VPN server, an email or file server, and more.

As stated in the documentation, Devil-Linux runs directly from a CD or DVD-ROM only, so you don't need to install anything to a hard disk -- just keep the Devil-Linux configuration files that automate the configuration upon reboot on a diskette or USB drive. Since access to the live CD is read-only, it's impossible to install rootkits or other malicious software to the distribution. Setting up a home firewall can be a great way to protect your network. This article looks at one Linux distro that is designed to be used as a firewall. What do you Devil-Linux for your home network's firewall?

 
Set up Your Firewall With Firewall Builder  14 August 2008 
Source: Linux - Posted by Bill Keys   
Firewall Builder (fwbuilder) is a graphical application that can help you to configure IP traffic filtering. It can compile the filtering policy you define into many specifications, including iptables and various languages used by Cisco and Linksys routers. Separating the actual policy you define and the implementation in this way should let you change what hardware is running your firewall without having to redefine your policy for that platform. How do you setup your firewall? Do you use an application to help or do you us just write your own Iptables? This article looks at a firewall application called fwbuilder and shows you some of the features of this software.
 
Gibraltar Firewall 2.6 Launched  21 July 2008 
Source: news.softpedia - Posted by Bill Keys   
Gibraltar Firewall 2.6, a Linux firewall distribution based on Debian, was launched yesterday as announced by Rene Mayrhofer. This will be the last release that will use the Linux kernel 2.4, as the next Gibraltar editions will use the 2.6 kernel. Among other things, this edition of Gibraltar offers improved traffic shaping performance (the iptables marking rules were re-ordered and the pre-defined traffic classes were improved), and allows SSL Explorer plugins to be installed. Have you ever used the Gibraltar Firewall? Gibraltar provides the user with a web interface for setting up their firewall. Now it's available for the Linux 2.6 kernel. Also in this release they added full WLAN access point functionality.
 
How To Set Up Shorewall (Shoreline) 4.0 Firewall On CentOS 5.1  10 July 2008 
Source: HowToForge - Posted by Bill Keys   
The Shoreline Firewall, more commonly known as "Shorewall", is a high-level tool for configuring Netfilter. You describe your firewall/gateway requirements using entries in a set of configuration files. Shorewall reads those configuration files and with the help of the iptables utility, Shorewall configures Netfilter to match your requirements. Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone GNU/Linux system. Shorewall does not use Netfilter's ipchains compatibility mode and can thus take advantage of Netfilter's connection state tracking capabilities. http://www.shorewall.net/ Shorewall is a great firewall package for Linux it's, most distro's have packages available. What do you think about Shorewall? Do you have any other favorite firewall package.
 
<< Start < Prev 1 2 3 Next > End >>

Results 21 - 30 of 315
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.