[svlug] Firewalls are easy now.
Karl F. Larsen
k5di at zianet.com
Thu Sep 12 04:49:57 PDT 2002
For a couple of years now I have been given a choice when loading
Redhat linux of 3 things related to a Firewall. Like all normal people asked
to choose a number between 1 and 3 I always picked 2 and went on. It seemed
to work whatever a firewall does.
About a week ago I started loading wu-ftp so I can transfer things
between my laptop and this computer at 100 million bytes/sec. It's lots
faster than putting whatever on a floppy disk(s).
I used Winmen to set up wu-ftp and it did a fine fast job getting
the chroot right and everything. I was ready to go bigtime if I want too.
But when I tested it didn't work. So others had talked about Firewall
problems so I decided to learn about that.
On Redhat 7.3 there is a thing you can click that comes up and tells
you it can adjust your firewall, but do not believe this. I was able after
10 minutes to simply click new and choose no firewall. I did this and my
ftpd stated working and it was good!
But then everyone said you have your ftp available to the internet
and someone can ruin your computer. So knowing that stupid window will not
work to set up a good firewall so I need to get help. I went to the Redhat
manuals and they said use gnome-lokkit. Well I didn't have that on my
computer so went looking on cd #2 and there it was. I loaded it and went to
/user/share/doc/gnome-lokkit/ and looked at AUTHORS. There was just one by
the name of Mr. Alan Cox.
So without further ado I brought up gnome-lokkit and it is a work of
art! In clear english he tells you what he will do, then asks you clear easy
to understand questions about your computer and has choices of what to do. I
was done in 5 minutes.
Tried my localloop and laptop to this computer and both ftp worked
fine. But how good is the Firewall that Mr. Cox made? I was told about a web
page that tests your firewall. It is at www.grc.com and it's a nice tool. I
did the main test and it said the firewall is good but don't expect it to
last...and then I ran the probe test. The webpage got my ip number right and
probed all the ports and found NO computer at them!
I'm sure my firewall works now and know how to change it if desired
and know it will work well. There is even a question asked whether I had a
web page server I wanted to leave open.
72, Karl K5DI
_ __ _ _ _ _ _ _
| | |_ _|| \| || | | | \ \/ /
| |__ | | | .` || |_| | > <
|____|__ ||_|\_|\____/ /_/\_\
More information about the svlug