securing Ubuntu and firewall

Eric B barlier at gmail.com
Sat Feb 25 09:01:03 UTC 2006 

I have something here for the IP table savvy out there:

http://s37.yousendit.com/d.aspx?id=1UF4ZYWTE9OIX3BKU6Q5NK6B1Y

its a doc about how to setup an invisible firewall in Linux. the concept is
to run it from OSI layer 2.

from the doc: A transparent bridging stateful firewall based on Redhat Linux"

Transparent: Invisible. See-through. For a firewall, that means it
can't be seen.
Bridging: In geek speak: Layer 2 only. In plain english: It ain't got
no Internet address.
Stateful: It keeps track of connections to safely allow valid
user-initiated network transactions to pass through unscathed

so the drawback is that u d maybe need redhat (someone will fix that
surely) and the doc itself is in PPT format..

enjoy, Im gonna go back to IP table basics myself..

On 2/25/06, Ted Treadwell <theodore_3 at yahoo.com> wrote:
>
>
> --- "H.S." <hs.samix at gmail.com> wrote:
>
> > John Richard Moser wrote:
> > > you don't need a firewall unless you installed
> > something nasty.  Ubuntu
> > > doesn't open ports by default on the outside.
> >
> > Can somebody else confirm this? I personally don't
> > think that is true.
>
> Ubuntu by default doesn't listen on any ports so no
> connections should be made unless and until initiated
> by the machine in question.
>
> > When I checked using "iptables -nvL" command on my
> > friend's computer,
> > his INCOMING, FORWARD and OUTGOING policies were all
> > ACCEPT. The system
> > is relatively a new install of Ubuntu. So it appears
> > all ports were
> > actually left open since the installation.
> >
>
> This indicates no packet filtering is happening, i.e.
> no firewall, but the ports are still all closed.
>
> > Moreover, I would rather have a firewall no matter
> > if I have "nasty
> > programs" (whatever that means) or not. It is just
> > being cautious.
> >
> > regards,
> > ->HS
> >
>
> I tend to agree.  I use iptables directly because I
> wanted to learn how it works.  I used the tutorial at
> http://www.faqs.org/docs/iptables/  Hope this helps.
>
> -Ted
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>

More information about the ubuntu-users mailing list