that FC2 Firewall

ems · #1 6th July 2004, 02:26 AM

Hello

So how good is the FC2 firewall ?
Is it better than Firestarter ? or Guarddog ?

I went to grc.com, and what showed up was that while the majority of ports were stealth, a few were closed, but none were open.
Is that anything to worry about ?

Much thanks
ems

deuch · #2 6th July 2004, 02:40 AM

Firestarter or guarddog are frontend for iptables the firewall in FC2.

Firestarter is easy to use and you can stealthe port that you don't use ...

Stealth is the best because it's like that this port doesn't exist ... Closed ports are ports that are visible but not accessible.

There are some HowTo and tutoriel to enable rules in iptables on the net ... try a google search

deuch

Cr0n_J0b · #3 6th July 2004, 06:21 AM

I use firestarter for the GUI setup...after that read an IPtables Howto for more indepth setting...

Just remember, the firewall is the same...IPtables...you set rules in a config file that is checked when matching packets...

IPTables is an EXCELLENT firewall with almost every feature you would ever need.

If you want to turn a small linux box into a dedicated firewall, I would look at smoothwall.

ems · #4 6th July 2004, 01:47 PM

Well I have hear that Smoothwall is a bit of a horse.

It's a pity that Guarddog is not available for FC2, altho it is for FC1 ( which makes me wonder if the FC1 version might not work in FC2 ).

The thing with Guarddog ( from my experience with it in Mandrake ) is that when you do the grc.com Shield test, it delievers a complete stealth result.
On the otherhand for some reason, the native firewall in FC2 and Firestarter both leave various as ' closed ' and the rest as ' stealthed '.

Also Guarddog is a very good piece of front-end, so maybe I've been spoilt by it.

Cheers ems

flea · #5 6th July 2004, 01:57 PM

i like shorewall myself

ems · #6 6th July 2004, 02:31 PM

I went and had a look at Smoothwall.
Is it really a 20 meg application ?

Sounds huge !
Gosh what does it have in it ?

or am I missing something ?

cheers ems

Varkk · #7 6th July 2004, 03:12 PM

Smoothwall is not an application, but a standalone linux distro which is designed to only act as a firewall/router. You set it up on an old PC, plug your modem/router/whatever you connect to your ISP with and pop it in a cupboard or something. We use it at our flat to share out our ADSL connection to our PCs and laptops.

Bana · #8 6th July 2004, 03:17 PM

Yes I also use it and can attest to its usefullness. The remote web access setup is superb and it never lets me down.

sailor · #9 6th July 2004, 03:50 PM

Correct me if I am wrong, but I have heard that if you are using a router (I have a Linksys befsr41) that a firewall is not necessary. I have gone to grc.com(Shields Up!) and all is good all ports stealth..etc...I have tried this wIth both WIndows and FC2 with no firewall and the same, all ports are stealth...

PompeyBlue · #10 6th July 2004, 09:20 PM

Quote:

Originally Posted by sailorsgh

Correct me if I am wrong, but I have heard that if you are using a router (I have a Linksys befsr41) that a firewall is not necessary. I have gone to grc.com(Shields Up!) and all is good all ports stealth..etc...I have tried this wIth both WIndows and FC2 with no firewall and the same, all ports are stealth...

Routers are such evil things for peer to peer communications that you are fairly secure from any type of incoming packet attack. That's not to say that some vulnerable open port hasn't packeted out, punched a whole in the router, which somebody could port scan to issue nasty packets to (although it's more unlikely).

The only thing they can't stop are client\server type attacks (i.e. you going to a web page and downloading some dodgy html\java code exploit) or retrieving email with trojans in. Although, I guess, you would want to use a virus scanner to prevent that threat.

flea · #11 7th July 2004, 12:45 AM

just turn your router into a hub and go from there

Varkk · #12 7th July 2004, 12:55 AM

Quote:

Originally Posted by sailorsgh

Correct me if I am wrong, but I have heard that if you are using a router (I have a Linksys befsr41) that a firewall is not necessary. I have gone to grc.com(Shields Up!) and all is good all ports stealth..etc...I have tried this wIth both WIndows and FC2 with no firewall and the same, all ports are stealth...

Well we could do that here with our router, but the smoothwall provides so much more support for port forwarding, IPblocklists, logs of connections etc. Not to mention a local squid proxy cache. All of these things are hard to find in a consumer level router.

usopso · #13 7th July 2004, 02:25 AM

you should try Arno's iptables script which is BEST of all!sure it works with iptables and supports kernel 2.6xx version

sailor · #14 7th July 2004, 10:04 AM

If I had another available and suitable computer to use as the firewall I might go that route with a smoothwall setup...
I guess its also important to know what is trying to contact the net from my box...of course I have more problems with my Windows in that regard...

Algernon · #15 8th July 2004, 10:00 AM

Personally I don't like bloat so I use LEAF ( http://www.leaf-project.org/ ) with a separate PC (486/50Mhz with 16MB memory and two network cards). Booting of a 1.44MB(1.68MB) floppy.
No HD and NO NOISE.

-M