Re: Do you need a firewall? Yes you do! Try Firestarter.

I will defently check it out.
Thanks,
Joey

Re: Do you need a firewall? Yes you do! Try Firestarter.

You're welcome Joey.
I do really recommend everyone to run those tests. Even if you have a firewall installed or if you are an iptables guru. They can show some holes you didn't even suspect could exist.
As to firewalls I've tried several but this one has that visual "bang" others don't. It's much nicer than just to receive logfile reports by mail and out of the box is ideal for a newbie, nothing to configure t'ill it's needed.

Best regards,
A.Correia

Re: Do you need a firewall? Yes you do! Try Firestarter.

I installed firestarter but when i try to launch it it shows up that I haven't root privileges..how can I change my privileges into root privileges?
Thanks

Re: Do you need a firewall? Yes you do! Try Firestarter.

try kdesu firestarter. firestarter is a good tool, but I would prefer using iptables from colsole.

Re: Do you need a firewall? Yes you do! Try Firestarter.

Once launched for the first time with sudo or anything similar it will install an icon on kde's taskbar. Every new time you reboot or login you'll be asked your password so it will run in root mode.
You can find the full documentation in:

http://www.fs-security.com/docs.php

I do agree with you that running iptables from the console as a lot more flexibility but it requires indepth knowledge of what you're doing.
My purpose was just to warn users to the need of installing a firewall and at the same time suggesting them a simple one that won't require full knowledge of what's going on.
I've tried most of them (Simple Firewall in Webmin, Shorewall, etc) and you have at least to know what default policy and rules to apply because when you install them they are not configured. Most users don't have that kind of knowledge (though of course they can learn).
Firestarter has nevertheless an unique advantage over the others. You won't just receive log reports by email, you can see in real time if your computer is being attacked, from which host, to which port and what is the kind of attack. It blocks the attacks but it does also allow you, by right clicking on a report's line, to take further actions.
And I suppose that for the rest it will be all a question of personnal taste like gnome vs kde. 
Anyhow my initial idea when I started this thread was to talk about security in general and give some hints. Everyone's opinions, suggestions or experiences with iptables, firewalls or any other form of defence is welcome, we will all profit from the experience of each other.

Best regards,
A.Correia

Re: Do you need a firewall? Yes you do! Try Firestarter.

You probably get me wrong, my intention was not to undermine you or anyone. I was just trying to express my opinion. I do agree that firestarter (as I already stated) is a very good tool. I just put iptables into the scene to let people know that there is a tool called iptables, which they can use for configuring firewall rules.

As for a side note, guidedog, guarddog and watchdog are also good tools related to firewall. I like all of them.

Re: Do you need a firewall? Yes you do! Try Firestarter.

I did understand your purpose and I saw no criticism in it. It's a good idea to let people know about iptables and above all to think about what's security related.
Your opinion is most welcome and if you want (and have the time to do it) you could probably give more details on the other firewalls you mention.

Best regards,
A.Correia

Re: Do you need a firewall? Yes you do! Try Firestarter.

It's all nice advice, but I think it's more than a little misleading to call unstealthed ports "holes".  That implies that there is some danger, or an opening where an attacker can enter through a "hole". 

Re: Do you need a firewall? Yes you do! Try Firestarter.

And one more thing: Don't let the tests fool you. If you are at home, connected via your router with an embedded firewall, these tests will show that you are secure. But you would like to have one of these firewalls (I don't discuss which one) in your computer or iptables info in your head in case that you connect to internet directly from somewhere else.

MeMo

Re: Do you need a firewall? Yes you do! Try Firestarter.

Yes, you are absolutely right. All sites recomend you run the tests without a firewall or a router (with or without firewall) because it may (will) give wrong results in the tests.
I've tried the tests with and without firewall and router. Without them 90% of the system was protected against known threats (and the word known means what it means). With the software firewall I could reach about 98%. When I use the router with its internal firewall (properly configured) the result is 100%.
Of course there are no warranties. Some trojans like LKM if they find the way into your system (ie. software installed from untrusted sources) can open the doors from the inside. The best answer to that is to use tools like portsentry, snort, logcheck, chkrootkit (particularly usefull to detect trojans), tripwire, etc. I use Webmin to configure most of them, it makes the task easier than editing config files by hand.
There's not a single tool for the job, they are complementary and in order to succeed a wyse use of all or some of them can avoid you a lot of trouble.
I have found another testing site:

http://www.pcflank.com

They have the thoughest tests I've found t'ill now and it's worth mentioning they will also test your browser's security.
I was puzzeled when my browser (Firefox 1.07) failed the privacy test. The report mentioned "referrers" and after some browsing with Google I learned about what was going on and how to increase the protection of my private data while surfing around.
Referrers are informations supplied by your browser regarding last places visited, etc. Some sites use that in a legitimate way just for statistical purposes but others use it to know your preferences and use them against you (spam comes into my mind).
I don't know the solution for other browsers but in what regards Firefox you should do this:

Open URL about:config
Find the line containing network.http.sendRefererHeader double click on it and when prompted change the value from 2 to 0.

If you have other hints or ideas share them with the comunity. Thanks.

Best regards,
A.Correia

Re: Do you need a firewall? Yes you do! Try Firestarter.

I am running the hardware firewall from my router. Running it from the router can be bothersome to some P2P programs, but it is much more freindly to my networked printer.
So if you want to run a software firewall, by default it prob will cuase you loose connection to your printer, but that can normally be fixed by opneing up port 9110 (<--i think its this?).
So I guess you have to take the good with the bad.
Cheers,
Joey

Re: Do you need a firewall? Yes you do! Try Firestarter.

I don't have a printer at home for the moment so I don't know what will happen when I'll install one.
Anyhow I suppose that the communication with a printer being an outbound one should work unless you have also blocked outbound comms in some ports. Can't the problem with the printer come from somewhere else? I've seen lots of complaints in the forums regarding printers and I suppose most of those users don't even have a firewall installed...
In what regards P2P I'm using Skype and Wengophone without problems and they're going through both soft and hard firewalls.

Best regards,
A.Correia