| Autor |
Nachricht |
|
|
Titel: Firewall necessary?
 Verfasst am: 28.05.2006, 15:27 Uhr
|
|
Anmeldung: 13. Feb 2005
Beiträge: 87
|
|
My Kanotix has closed ports by default. They however are not stealthed. To get there I have installed firestarter and am completely stealthed. I do see however a performance drop on connecting to an IP. Xchat is almost immediately connected without it but very slow in connecting with it.
On your basic Home Desktop is firewalling all that necessary? |
|
|
| |
|
|
|
 |
|
|
|
Titel: Firewall necessary?
Verfasst am: 28.05.2006, 16:22 Uhr
|
|
Team Member
Anmeldung: 06. Mai 2005
Beiträge: 3087
Wohnort: berlin
|
|
i never use one, i am behind a router with NAT.
greetz
devil |
_________________
<<We are Xorg - resistance is futile - you will be axximilated>>
Host/Kernel/OS "devilsbox" running[2.6.19-rc1-git5-kanotix-1KANOTIX-2006-01-RC4 ]
CPU Info AMD Athlon 64 3000+ clocked at [ 803.744 MHz ]
|
| |
|
|
|
|
|
|
|
Titel: RE: Firewall necessary?
Verfasst am: 06.06.2006, 04:08 Uhr
|
|
Anmeldung: 21. Jan 2005
Beiträge: 454
Wohnort: NYC/NJ Area
|
|
I don't use one on my linux workstation.....I do use tcpspy and it shows on desktop with root-tail'ing proper log files,every connection in or out includeing failed ones.
Of course,you have to watch it constantly to stop anything suspicious but I dont expect anything suspicious.
I wouldnt mind stopping outgoing connections I didnt want going out,but I dont think I'd have many with linux just yet. |
|
|
| |
|
|
|
|
|
|
|
Titel: RE: Firewall necessary?
Verfasst am: 06.06.2006, 09:02 Uhr
|
|
Anmeldung: 14. Jan 2006
Beiträge: 287
|
|
I forward port 22 to my PC using my router, then use firestarter to restrict the IP addresses allowed to connect to it to computers I want to be able to connect. Though that's really an unneccessary step - I have disabled root login and have a pretty strong password.
If I didn't have a router though, I would use firestarter to block everything except port 22 for the computers I want. |
|
|
| |
|
|
|
|
|
|
|
Titel: Re: RE: Firewall necessary?
Verfasst am: 06.06.2006, 13:17 Uhr
|
|
Anmeldung: 09. Aug 2004
Beiträge: 121
Wohnort: Brisbane Australia
|
|
|
rich.bradshaw hat folgendes geschrieben::
I forward port 22 to my PC using my router, then use firestarter to restrict the IP addresses allowed to connect to it to computers I want to be able to connect. Though that's really an unneccessary step - I have disabled root login and have a pretty strong password.
Do you realise you can just set "Allowusers *@here.com *@heretoo.com me@my.com ... etc" in your sshd_config? |
|
|
| |
|
|
|
|
|
|
|
Titel: RE: Re: RE: Firewall necessary?
Verfasst am: 06.06.2006, 17:18 Uhr
|
|
Anmeldung: 14. Jan 2006
Beiträge: 287
|
|
| yeah, I probably would be better off doing that... There was an article somewher e the other day about firewall less security. It seems a good idea, make things secure instead of covering them with something secure, but leaving them unprotected otherwise, if you see what I mean! |
|
|
| |
|
|
|
|
|
|
