On Saturday 13 December 2003 10:00 pm, Carren Stuart wrote: > What do you people all use/prefer for a firewall to run with Mandrake?
Well, I use iptables and have a custom written bash script to update the firewall with ip ranges that I want to block. Not particularly newbie friendly, but it gives me maximum control over the firewall. > I am not overly impressed with the inbuilt firewall configuration ... > so far I have had to disable it completely to get GAIM or my mail to > work. Firewalls are not the most newbie friendly technology to work with. If you have a broadband connection, you really should invest in a hardware router/firewall, there is really no substitute for that. > Someone elsewhere put me onto Guarddog, which I installed today and I > do like it. It gives me far better control over my firewall settings > and allows custom rule creation which is what I like. However, it does > not put an icon in the system tray, does not appear to give me any > alerts or request permissions for anything, and I really have no way > of knowing that it is even working. I really like to *see* what my > firewall is doing. Well, depending on the settings that guarddog uses, it probably logs to syslog when it drops packets. You can simply grep syslog to see the firewall at work. System tray icons and the like are a Window's creation to give a false sense of security to users. In essence, a software firewall with a system tray icon is actually quite insecure, it can be shut off quite easily and bypassed as well, it is not integrated into the kernel the way something like iptables is. So, if I had to choose, I would take Linux with an effective firewall solution and no GUI versus Windows with a mostly ineffective solution and a nice GUI. > Are there any other linux compatible firewalls out there, or front > ends for the built in one, that would give me the control I want, plus > allow me to monitor what it's doing? If you want to really know what your firewall is doing, there is no substitute for learning about it and implementing it yourself. If you really want something that puts it all together for you, I would recommend Bastille, but you should expect to have to invest some time learning. -- Bryan Phinney Software Test Engineer
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
