lmyho <[EMAIL PROTECTED]> wrote:

> I haven't lauch the gui firestarter yet, it's a good time, so I checked the
> 'iptables -L', I do get many outputs, but for the three you listed, I got 
> different,
> please see:
> 
> Chain INPUT (policy DROP)
> target     prot opt source               destination
> 
> Chain FORWARD (policy DROP)
> target     prot opt source               destination
> 
> Chain OUTBOUND (1 references)
> target     prot opt source               destination
> 
> Why is mine 'policy DROP'?  And under these title lines, under 'target', lots 
> of
> them are ACCEPT, some are DROP.  What happen?  Does my firestarter running?  
> Or do I
> have something set wrong?
> 
> I would highly appreciate your help!  Thanks!

I don't know too much about iptables, but here are some explanations.

Policy DROP is normal and ok. Windoze firewalls call this 'stealth'. It
means that, if somebody is trying to establish a connection to your
computer, the firewall does not respond with a REJECT, but it will just
DROP the IP packets. This makes it more difficult to establish if you
really exist on the net.

Some of the lines need to have ACCEPT, because if you close everything
you won't be able to surf anymore.

There are various sites on the internet that can scan you on request
and give some indication of what your firewall is doing. But even if
you get perfect results in such scans, you still need to keep your
computer up-to-date with security updates. 

If you are serious about security there is lots of reading available on
the net.

Regards
Andrei
-- 
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to