laurent besson a écrit : > Le jeudi 8 Juin 2006 23:23, JF Straeten a écrit : >> Et quant tu lances l'interface graphique, il ne te demande pas ton pwd >> de root ? C'est le comportement que j'ai constaté sur une sarge en >> tout cas. > > Et c'est normal, parce que jusqu'a preuve du contraire l'administrateur sous > linux c'est root ! > > Non, non,
Voici le mode d'emploi que j'avais pris sur le site officiel : > Q: How can I get Firestarter to load automatically when I log in as a regular > user? > Firestarter running in the system tray > > Normally when you start Firestarter by clicking an icon or manually from a > terminal, the system will prompt you for your root user's password. However, > this is a bit of a hassle, especially if you want to run Firestarter all the > time when logged in. In that case Firestarter can be loaded in the background > when you log in with your regular user, without asking a password and > minimized to the system tray (pictured right). > Giving the user permission to launch Firestarter without the root password > > In order for a regular user to be able to launch Firestarter, the user must > be given additional privileges. Edit your /etc/sudoers file in your favorite > text editor and add the following line at the end: > username ALL= NOPASSWD: /usr/bin/firestarter > > Note: Debian users should replace /usr/bin/firestarter with > /usr/sbin/firestarter in the above line. > > Simply replace username with whatever your login is. The specified user is > now able to launch Firestarter without being prompted for a password using > the command sudo firestarter. > > A note on the security aspects: This method makes a trade off in local > security for convenience. If your user account becomes compromised the > attacker will be able to control the firewall. However this method is > preferable to having a shared root user password in a multiuser setting. It > is also preferable if the alternative is not to run Firestarter at all. > Launching Firestarter minimized to the tray on login > > Having performed the above configuration of permissions, the system can > further be set up to load Firestarter when you log in with your regular user > account. Firestarter will in that case load directly into the system tray > without user intervention, after which the main interface can be accessed by > clicking the tray icon. > > Using GNOME: > The GNOME sessions manager > > Open up your GNOME menu, select Preferences followed by Sessions. Switch to > the Startup programs tab, pictured right. > > Click Add and enter > sudo firestarter --start-hidden > as the startup command. Click OK and you're done. > > To stop Firestarter from loading on login, simply remove its entry from the > startup programs listing. > > Using KDE: > > Open a terminal and execute the following two commands: > > echo -e '#'\!'/bin/sh\nsudo firestarter --start-hidden' > > ~/.kde/Autostart/firestarter > chmod a+x ~/.kde/Autostart/firestarter > > Firstarter will now load automatically when KDE starts. To stop Firestarter > from loading when you log in, remove the ~/.kde/Autostart/firestarter file. > > > > Q: How can I test if the firewall is working for sure? > > The only way to know for sure if your firewall coverage is complete is for an > outside party to test it. You can not run nmap or some other network tool to > test the firewall from the firewall host itself. > > There are many free sites on the Internet that will provide a remote scan of > your system. Here are a few that we have found useful, as well as the > expected result with the Firestarter default policy loaded: > > * Sygate Security Scan : http://scan.sygatetech.com/ > The scan will report Unable to detect any running services! > * Shields Up! : https://grc.com/x/ne.dll?bh0bkyd2 > The scan will report all ports as stealted > > Why you might not be getting the results you expect > > If some specific port is reported as Closed instead of Stealthed by Shields > Up, your Internet service provider is probably blocking the port before the > scanner even connects to your machine. This is typical for ports such as 25 > (SMTP) and 80 (HTTP) that your ISP prohibits you from running services on. > > If you have a DSL or cable modem box that provides Network Address > Translation services, it is possible that the scan does not reflect the > status of Firestarter but that of the box. -- Lisez la FAQ de la liste avant de poser une question : http://wiki.debian.net/?DebianFrench Vous pouvez aussi ajouter le mot ``spam'' dans vos champs "From" et "Reply-To:" To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
