LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 29th, 2014
Linux Security Week: August 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Firewalls
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



A Dedicated Firewall/Router: Devil-Linux  20 May 2008 
Source: Linux Journal - Posted by Bill Keys   
Devil-Linux is a distribution which boots and runs completely from CD. The configuration can be saved to a floppy diskette or a USB pen drive. It was originally intended to be a dedicated firewall/router but now Devil-Linux can also be used as a server for many applications. Attaching an optional hard drive is easy, and many network services are included in the distribution. Have you used any Linux distributions which are design to be used as a firewall or router? This article looks at the Devil-Linux distribution with some useful links to learn more about this Linux distro.
 
Firewall Configurations With Guarddog  11 April 2008 
Source: linux-magazine - Posted by Bill Keys   
The KDE Guarddog program promises an easy Linux firewall setup with just a few clicks. Guarddog helps inexperienced users secure computers and even whole networks against attack. The IPChains (Linux 2.2) and IPTables (Linux 2.4) tools configure the Linux firewall, but these commandline tools can be slightly cryptic for Linux newcomers. Simon Edwards developed Guarddog [1] to simplify the task of firewall configuration. Guarddog is a GUI-based configuration utility for managing firewalls. The Guarddog utility is licensed under the GPL and runs on either KDE 2 or KDE 3. I am interesting if anyone as used KDE Guarddog and what do you think about it? I normally just manually add iptables from the command line but if this tool makes it easier then I am game.
 
Linux Demilitarized Zone (DMZ) Ethernet Interface Requirements and Configuration  17 December 2007 
Source: http://www.cyberciti.biz/faq/ - Posted by Ryan Berens   
(The)Demilitarized zone, used to secure an internal network from external access. You can use Linux firewall to create DMZ easily. There are many different ways to design a network with a DMZ. The basic method is to use a single Linux firewall with 3 Ethernet cards. The following simple example discusses DMZ setup and forwarding public traffic to internal servers.

There's a little advanced know-how required here and he recommends a couple good firewalls to set up such functionality just in case this very useful guide doesn't fit the bill. If you are looking to set up a Linux Demilitarized zone a couple of options include EnGarde, IpCop and others.
 
Iptables as a Replacement for Commercial Enterprise Firewalls  14 December 2007 
Source: www.linux.com - Posted by Ryan Berens   
Are you administrating a corporate network? How do you ensure securing your web services? There are many different solutions, but Iptables is one of the newer ones, and is up to the job.

With IT budgets getting tighter, managers need to trim costs. Service contracts are expensive for any technology; firewalls are no exception. Netfilter, the project that provides the packet filtering program Iptables, is a free firewall alternative. While it lacks the service contract of commercial solutions and a pretty interfaces to make firewall modification easy, it has solid performance, performs effectively at firewalling, and allows for add-on functionality to enhance its reporting and response functions.
 
Review: 7 Linux/BSD Firewalls  26 November 2007 
Posted by Ryan Berens   
A new blogger to the Linux Security space (he switched months ago), the owner of Fsckin w/linux took a trip to test Firewalls and Linux. From IPCop to Smoothwall to the 8MB Monowall, he compares and contrasts the value of each platform - but with a catch.

The HP Vectratesting platform we are using today is an HP Vectra slimline PC. Considering the computer was FREE (as in beer) after a company upgraded their workstations, the specifications are nothing to scoff at.

* Pentium III 500 MHz
* 192MB of RAM
* 1GB Transcend disk-on-chip IDE module
* Dual 100Mbps NICs


Very interesting...
 
Interview with the author of "Linux Firewalls"  12 November 2007 
Source: Net-Security.org - Posted by Ryan Berens   
Michael Rash, the author behind "Linux Firewalls" chimes in about his background, his distro of choice, the current state of Linux security and much, much more.

He covers many issues and provides a lot of insight into security and Linux:

Question: What is the most interesting fact you've become aware of while researching for this book?

Intrusion detection systems and firewalls commonly offer the ability to tear down TCP connections by forging a RST packets, but the specifics of how this is done varies quite a bit across different IDS and firewall implementations. The most interesting fact I stumbled across during my research concerns differences in the handling of the ACK control bit on RST packets. For example,
 
IPFire: Free firewall for your home or SOHO  17 October 2007 
Source: Linux Mini - Posted by Eckie Silapaswang   
IPFire is a linux based firewall distribution with a lot of extras. The base for the stable version 1.4.9 was the IPCop that has been hardly modified. There were added: Asterisk PBX, Samba, MorningReconnect, LPR-NG and many other things.

I've always been a fan of Shorewall and Firestarter - what have you used as a good base firewall setup? Any thoughts how this will match up in an enterprise server environment?

 
Firewalls? Firewalls?? We don't need no stinkin' Firewalls!!  11 October 2007 
Source: Tux Machines - Posted by Ryan Berens   
Firewalls are often framed as a one job tool. Furthermore, when looking to set up a secure network infrastructure, this Debian Admin says that sometimes they aren't aren't even needed!

To the contrary, Firewalls can be engineered to serve a number of purposes such as fragment reassembly for instance (as the author at TuxMachines states) and are generally only as secure as they are configured to be.

It seems that Firewalls are commonly misconceived of both being the given for network security (possibly not true) and not nearly enough on their own (the given among those who know security).


(bonus points for those who know the movie being alluded to in the title)
 
Firewall Configuration Testing Tool  25 July 2007 
Source: security Friday - Posted by Bill Keys   
Sometimes a rule configuration may reside in a place other than the basic rule configuration place. In such a case, it is difficult to confirm whether it is an intended configuration by the system administrators. (Is an unnecessary hole open, or is a necessary hole open?) So, we developed a tool which checks the rule of a Firewall. " In any network your first line of defense is the firewall. One new firewall checker is called Dr.Morena. It's made up of two modules one is the check engine and the other is the packet list making engine. They work on Linux so it's good at checking your iptables. Go ahead and test your firewall to see how well it protects your network.

 
Securing Your Linux Server With Iptables  20 July 2007 
Source: SearchEnterpriseLinux.com - Posted by Eckie Silapaswang   
'Spamming', when used in a different context, does not necessarily have to be email specific. If you ever had a chance to play arcade fighter's such as Street Fighter 2, you'll notice that certain fighters have "cheap" moves that can be "used over and over", such as M. Bison's scissor kick corner trap (ah the old days). A player could pretty much "spam" this combo over and over. The interesting part about this cheap combo is that it could be countered just as easily with some skill. A basic set of good iptables rules is the perfect counter punch to a slew of common spamming attacks - no need to have SpamAssassin or procmail process the email when it doesn't even get through the front lines! Read on to gain a good base understanding of iptables and its rules. Ha-dou-ken!

 
<< Start < Prev 4 5 6 Next > End >>

Results 31 - 40 of 315
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.