|
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
|
|
|
Source: linux-magazine - Posted by Bill Keys
|
|
The KDE Guarddog program promises an easy Linux firewall setup with just a few clicks. Guarddog helps inexperienced users secure computers – and even whole networks – against attack.
The IPChains (Linux 2.2) and IPTables (Linux 2.4) tools configure the Linux firewall, but these commandline tools can be slightly cryptic for Linux newcomers. Simon Edwards developed Guarddog [1] to simplify the task of firewall configuration. Guarddog is a GUI-based configuration utility for managing firewalls. The Guarddog utility is licensed under the GPL and runs on either KDE 2 or KDE 3.
I am interesting if anyone as used KDE Guarddog and what do you think about it? I normally just manually add iptables from the command line but if this tool makes it easier then I am game. |
|
|
Source: http://www.cyberciti.biz/faq/ - Posted by Ryan Berens
|
(The)Demilitarized zone, used to secure an internal network from external access. You can use Linux firewall to create DMZ easily. There are many different ways to design a network with a DMZ. The basic method is to use a single Linux firewall with 3 Ethernet cards. The following simple example discusses DMZ setup and forwarding public traffic to internal servers.
There's a little advanced know-how required here and he recommends a couple good firewalls to set up such functionality just in case this very useful guide doesn't fit the bill. If you are looking to set up a Linux Demilitarized zone a couple of options include EnGarde, IpCop and others.
|
|
|
Source: www.linux.com - Posted by Ryan Berens
|
Are you administrating a corporate network? How do you ensure securing your web services? There are many different solutions, but Iptables is one of the newer ones, and is up to the job.
With IT budgets getting tighter, managers need to trim costs. Service contracts are expensive for any technology; firewalls are no exception. Netfilter, the project that provides the packet filtering program Iptables, is a free firewall alternative. While it lacks the service contract of commercial solutions and a pretty interfaces to make firewall modification easy, it has solid performance, performs effectively at firewalling, and allows for add-on functionality to enhance its reporting and response functions. |
|
|
Posted by Ryan Berens
|
A new blogger to the Linux Security space (he switched months ago), the owner of Fsckin w/linux took a trip to test Firewalls and Linux. From IPCop to Smoothwall to the 8MB Monowall, he compares and contrasts the value of each platform - but with a catch.
The HP Vectratesting platform we are using today is an HP Vectra slimline PC. Considering the computer was FREE (as in beer) after a company upgraded their workstations, the specifications are nothing to scoff at.
* Pentium III 500 MHz
* 192MB of RAM
* 1GB Transcend disk-on-chip IDE module
* Dual 100Mbps NICs
Very interesting...
|
|
|
Source: Net-Security.org - Posted by Ryan Berens
|
Michael Rash, the author behind "Linux Firewalls" chimes in about his background, his distro of choice, the current state of Linux security and much, much more.
He covers many issues and provides a lot of insight into security and Linux:
Question: What is the most interesting fact you've become aware of while researching for this book?
Intrusion detection systems and firewalls commonly offer the ability to tear down TCP connections by forging a RST packets, but the specifics of how this is done varies quite a bit across different IDS and firewall implementations. The most interesting fact I stumbled across during my research concerns differences in the handling of the ACK control bit on RST packets. For example,
|
|
|
Source: Linux Mini - Posted by Eckie Silapaswang
|
|
IPFire is a linux based firewall distribution with a lot of extras. The base for the stable version 1.4.9 was the IPCop that has been hardly modified. There were added: Asterisk PBX, Samba, MorningReconnect, LPR-NG and many other things.
I've always been a fan of Shorewall and Firestarter - what have you used as a good base firewall setup? Any thoughts how this will match up in an enterprise server environment? |
|
|
Source: Tux Machines - Posted by Ryan Berens
|
Firewalls are often framed as a one job tool. Furthermore, when looking to set up a secure network infrastructure, this Debian Admin says that sometimes they aren't aren't even needed!
To the contrary, Firewalls can be engineered to serve a number of purposes such as fragment reassembly for instance (as the author at TuxMachines states) and are generally only as secure as they are configured to be.
It seems that Firewalls are commonly misconceived of both being the given for network security (possibly not true) and not nearly enough on their own (the given among those who know security).
(bonus points for those who know the movie being alluded to in the title)
|
|
|
Source: security Friday - Posted by Bill Keys
|
|
Sometimes a rule configuration may reside in a place other than the basic rule configuration place. In such a case, it is difficult to confirm whether it is an intended configuration by the system administrators. (Is an unnecessary hole open, or is a necessary hole open?) So, we developed a tool which checks the rule of a Firewall.
"
In any network your first line of defense is the firewall. One new firewall checker is called Dr.Morena. It's made up of two modules one is the check engine and the other is the packet list making engine. They work on Linux so it's good at checking your iptables. Go ahead and test your firewall to see how well it protects your network.
|
|
|
Source: SearchEnterpriseLinux.com - Posted by Eckie Silapaswang
|
|
'Spamming', when used in a different context, does not necessarily have to be email specific. If you ever had a chance to play arcade fighter's such as Street Fighter 2, you'll notice that certain fighters have "cheap" moves that can be "used over and over", such as M. Bison's scissor kick corner trap (ah the old days). A player could pretty much "spam" this combo over and over. The interesting part about this cheap combo is that it could be countered just as easily with some skill. A basic set of good iptables rules is the perfect counter punch to a slew of common spamming attacks - no need to have SpamAssassin or procmail process the email when it doesn't even get through the front lines! Read on to gain a good base understanding of iptables and its rules. Ha-dou-ken! |
|
|
Network managers looking for an inexpensive way to better secure traffic crossing their nets might want to check out a free application from Intoto.
Intoto, a provider of security software for enterprise network equipment and CPE gateways, last week at Interop, introduced a stand-alone intrusion-prevention system (IPS) application that the company says will help small and midsize companies looking for enterprise-scale security tools.
|
|
|
<< Start < Prev 4 5 6 Next > End >>
|
| Results 31 - 40 of 314 |
