Hello Russ, Wednesday, August 27, 2003, 9:55:48 PM, you wrote:
R> Besides, I know next to nothing about various types of connections R> and whatnot. So trying to set this firewall up manually would be a R> disaster. I would agree. If you can't find a good front end, it would be better to try to track down a pre-configured set of 'rules' with liberal comments, and, if the comments are well done for beginners, adjust them for your particular situation. R> ZoneAlarm was quick and easy "Do you want this program to access R> the net? yes or no" nuff said. I don't think you can get this with ANY configuration in Mandrake because, as I understand it, iptables is NOT application-aware as are several firewalls for Windoze. IMHO, this is a great oversight in protecting individual computers from 'calling home', as trojans or snoopware might do. OTOH, I might have missed how to or what can do this. If so, perhaps one of our experts can tell me how to do it. Briefly, for example, I would like ONLY Opera and Mozilla to be able to use port 80 out, and to alert me if anything else tries to use this port. How can I do that? R> Before I asked I did do a search for firewall programs. There are R> many. I was looking at Firestarter and Guarddog. Each seem to want R> Gnome or KDE. Are these required simply to configure but still R> works while logged into the other (KDE or Gnome)? I believe these are all just front ends for iptables, the actual 'guts' built into the kernel that does the firewalling. As such I don't think they would have to run to get 'firewalling', but please correct this if not true (I'm still rather newbie-ish). R> Is one better than the other? or is it six of one and half a dozen of R> the other? Any other possible candidates? They are all just ways of translating between desired firewall behaviors expressed in a comprehensible language (German, English, etc) and the iptables syntax (an initially incomprehensible language you would have to learn to get iptables to work). Many times, Linux users will insist that everyone learn these new 'languages', but wide acceptance will depend on how easy it is to get desired functionality WITHOUT having to learn these new 'languages'. I think a good set of iptables with EXTENSIVE comments FOR BEGINNERS might be one of the best ways to get a good firewall. R> I am on a cable modem with a router that connects 2 computers to the R> modem (if that matters) Might your router have a 'real' firewall? If so, it matters a lot. :-) You might already be well protected if it does. -- HTH, rikona mailto:[EMAIL PROTECTED]
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com