lmyho <[EMAIL PROTECTED]> wrote: > I haven't lauch the gui firestarter yet, it's a good time, so I checked the > 'iptables -L', I do get many outputs, but for the three you listed, I got > different, > please see: > > Chain INPUT (policy DROP) > target prot opt source destination > > Chain FORWARD (policy DROP) > target prot opt source destination > > Chain OUTBOUND (1 references) > target prot opt source destination > > Why is mine 'policy DROP'? And under these title lines, under 'target', lots > of > them are ACCEPT, some are DROP. What happen? Does my firestarter running? > Or do I > have something set wrong? > > I would highly appreciate your help! Thanks!
I don't know too much about iptables, but here are some explanations. Policy DROP is normal and ok. Windoze firewalls call this 'stealth'. It means that, if somebody is trying to establish a connection to your computer, the firewall does not respond with a REJECT, but it will just DROP the IP packets. This makes it more difficult to establish if you really exist on the net. Some of the lines need to have ACCEPT, because if you close everything you won't be able to surf anymore. There are various sites on the internet that can scan you on request and give some indication of what your firewall is doing. But even if you get perfect results in such scans, you still need to keep your computer up-to-date with security updates. If you are serious about security there is lots of reading available on the net. Regards Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]