--- Andrei Popescu <[EMAIL PROTECTED]> wrote: > lmyho <[EMAIL PROTECTED]> wrote: > > > I haven't lauch the gui firestarter yet, it's a good time, so I checked the > > 'iptables -L', I do get many outputs, but for the three you listed, I got > different, > > please see: > > > > Chain INPUT (policy DROP) > > target prot opt source destination > > > > Chain FORWARD (policy DROP) > > target prot opt source destination > > > > Chain OUTBOUND (1 references) > > target prot opt source destination > > > > Why is mine 'policy DROP'? And under these title lines, under 'target', > > lots of > > them are ACCEPT, some are DROP. What happen? Does my firestarter running? > > Or > do I > > have something set wrong? > > > > I would highly appreciate your help! Thanks! > > I don't know too much about iptables, but here are some explanations. > > Policy DROP is normal and ok. Windoze firewalls call this 'stealth'. It > means that, if somebody is trying to establish a connection to your > computer, the firewall does not respond with a REJECT, but it will just > DROP the IP packets. This makes it more difficult to establish if you > really exist on the net. > > Some of the lines need to have ACCEPT, because if you close everything > you won't be able to surf anymore. > > There are various sites on the internet that can scan you on request > and give some indication of what your firewall is doing. But even if > you get perfect results in such scans, you still need to keep your > computer up-to-date with security updates. > > If you are serious about security there is lots of reading available on > the net.
Thank you Andrei! I feel much better for my firestarter now. :) __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
