On Tue, 12 Feb 2002 20:28:05 -0200 Rodrigo <[EMAIL PROTECTED]> wrote:
> Hello all ! > What is the best way to make a firewall for a desktop station ? There > aren't any servers running on my computer. > Right after installing mdk8.1 I ran the control center and set the > firewall answering the questions. Some time ago I decided to explore the > BastilleInteractive options (I was curious) and left almost all the > items set with the default options. I think it didn't make much > difference for me and I have the same settings I had with the control > center's firewall, but there is a doubt: how can I make sure that my > firewall is running ? I don't see any process called Bastille or > iptables with ps -ax, I only see a message during the boot process, > "initializing Bastille Firewall [OK]". > Another question, are all the standard firewall that come with mdk8.1 > dependant on Bastille or I can disable Bastille at start-up ? > Thanks, > > Rodrigo > > > > Don't be fooled by the name Bastille, it is nothing more than a glorified rules generator for the iptables system. Iptables is a kernel system so that you will not see a daemon running. It is a set of rules that each packet entering or leaving the system will pass thru. I posted a mail to this or the expert list within the last month detailing the basic rules to lock your system. /sbin/iptables -l as root will show you what rules are in place. If you read the iptables man pages etc, you will never go back to Bastille or any other rule generator, the best firewall is always the one that you write yourself only if you know what you are doing. And that does not take long with iptables! Thats enough from me for now! ATB Dave
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
