On Thu, 2002-02-14 at 10:07, David Stevenson wrote: > On Tue, 12 Feb 2002 20:28:05 -0200 > Rodrigo <[EMAIL PROTECTED]> wrote: > > > Hello all ! > > What is the best way to make a firewall for a desktop station ? There > > aren't any servers running on my computer. > > Right after installing mdk8.1 I ran the control center and set the > > firewall answering the questions. Some time ago I decided to explore the > > BastilleInteractive options (I was curious) and left almost all the > > items set with the default options. I think it didn't make much > > difference for me and I have the same settings I had with the control > > center's firewall, but there is a doubt: how can I make sure that my > > firewall is running ? I don't see any process called Bastille or > > iptables with ps -ax, I only see a message during the boot process, > > "initializing Bastille Firewall [OK]". > > Another question, are all the standard firewall that come with mdk8.1 > > dependant on Bastille or I can disable Bastille at start-up ? > > Thanks, > > > > Rodrigo > > > > > > > > > Don't be fooled by the name Bastille, it is nothing more than a glorified rules >generator for the iptables system. Iptables is a kernel system so that you will not >see a daemon running. It is a set of rules that each packet entering or leaving the >system will pass thru. I posted a mail to this or the expert list within the last >month detailing the basic rules to lock your system. /sbin/iptables -l as root will >show you what rules are in place. If you read the iptables man pages etc, you will >never go back to Bastille or any other rule generator, the best firewall is always >the one that you write yourself only if you know what you are doing. And that does >not take long with iptables! > > Thats enough from me for now! > > ATB > Dave > > ---- >
> Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Make that /sbin/iptables -L
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
