[siemens company information|
http://rotarylondon.org/MailList/attachments/files/new1983.htm∞]
siemens company information∞ [
http://rotarylondon.org/MailList/attachments/files/new1983.htm|siemens∞ company information] ((
http://rotarylondon.org/MailList/attachments/files/new1983.htm∞ siemens company information))
| siemens company information∞ "siemens company information":
http://rotarylondon.org/MailList/attachments/files/new1983.htm∞ [lori singer movies|
http://nacolombia.org/csr/chat/localization/thai/pic/page-806.html∞]
lori singer movies∞ [
http://nacolombia.org/csr/chat/localization/thai/pic/page-806.html|lori∞ singer movies] ((
http://nacolombia.org/csr/chat/localization/thai/pic/page-806.html∞ lori singer movies))
| lori singer movies∞ "lori singer movies":
http://nacolombia.org/csr/chat/localization/thai/pic/page-806.html∞ [e-learning computer viruses|
http://vegasinform.com/las/cache/comment-589.htm∞]
e-learning computer viruses∞ [
http://vegasinform.com/las/cache/comment-589.htm|e-learning∞ computer viruses] ((
http://vegasinform.com/las/cache/comment-589.htm∞ e-learning computer viruses))
| e-learning computer viruses∞ "e-learning computer viruses":
http://vegasinform.com/las/cache/comment-589.htm∞ [adult video warehouse|
http://nacolombia.org/csr/chat/localization/thai/pic/page-721.html∞]
adult video warehouse∞ [
http://nacolombia.org/csr/chat/localization/thai/pic/page-721.html|adult∞ video warehouse] ((
http://nacolombia.org/csr/chat/localization/thai/pic/page-721.html∞ adult video warehouse))
| adult video warehouse∞ "adult video warehouse":
http://nacolombia.org/csr/chat/localization/thai/pic/page-721.html∞ [innocent movie voice|
http://nacolombia.org/csr/chat/localization/thai/pic/page-1063.html∞]
innocent movie voice∞ [
http://nacolombia.org/csr/chat/localization/thai/pic/page-1063.html|innocent∞ movie voice] ((
http://nacolombia.org/csr/chat/localization/thai/pic/page-1063.html∞ innocent movie voice))
| innocent movie voice∞ "innocent movie voice":
http://nacolombia.org/csr/chat/localization/thai/pic/page-1063.html∞
This is being moved to
http://docs.mypclinuxos.com/Firewall∞
Internet Security - Using Firewalls
Back to
Securing Your System
Software with the task of controlling internet (and other network) traffic coming in and going out of your computer or home network is called a firewall. Your firewall is you first line of defense against all the bad-intentioned people on the Internet. Fear not, however, good PCLinuxOS user, because the Wiki is here to safe the day!
The PCLinuxOS Firewall
The PCLinuxOS firewall is based on the "shorewall" firewall configuration tool.
How do you know your firewall is running?
Open the PCLinuxOS Control Center. Click on the Security icon on the left, and you'll see the
security options for PCLinuxOS. You can clearly see the "Set up a Personal Firewall" icon here. Click on it. You will now see if your shorewall firewall is running. (If you have other firewalls installed, like GuardDog or Firestarter, the shorewall firewall will be disabled).
If your firewall is running, you'll see there
isn't an x in front of the "Everything (no firewall)" option. If your firewall isn't running, make sure to
Uncheck the "Everything (no firewall)" option. You can fine-tune which internet traffic is still allowed to your computer. You can very safely clear all the checkboxes for normal desktop systems. That said, if you want to use BitTorrent clients you might want your firewall to allow it.
There is another thing you have to check to see if your firewall is active. In the PCLinuxOS Control Center, click on the System tab. You'll now see the
System options. Click the "Configure system services" icon. You will now see an alphabetized list of software services that are running on your computer. Check that "shorewall" is listed by scrolling down to shorewall. It should say "running". You can also see if it starts "on boot", which it should. You can manually start and stop the service here as well.
Interested in how well your firewall does?
Steve Gibson has a very nice firewall "scanner" on his website, called
Shields UP!!∞ Click this link, look for the button called "Proceed" and click on it. Now locate the link called "Common Ports" and click it. It will now scan your firewall for most common problems.
Chances are big it will say it was Failed. You can check which things could be improved. Chances are you will see it complain about "ICMP Echo Requests" or Pings. Make sure you have
unchecked the checkbox in front of "ICMP Echo (Ping) Request". It might also say that "113 IDENT" was closed. This also isn't really a problem. More information about the "113 IDENT" can be found on a
Setting your Firewall for 100% Stealth Mode∞ forum posting.
Shorewall and Laptops
The effectiveness of Shorewall is limited on laptops. There can be confusion if you attempt to switch connections between multiple network interfaces using commandline "ifup" and "ifdown" (or by using the control center) since shorewall will not update accordingly. If you use the control center, shorewall will update its rules, however this is cumbersome, especially on laptops with wireless, wired and modem interfaces. If you think shorewall/iptables might be causing problems with your connection, you can issue the command "shorewall stop" and "service iptables stop" as root.
Other Firewall programs
Modern firewalls range from complex software firewalls to simple port filtering devices. More information about firewalls can be found at
wikipedia∞ and
CERT∞.
There are some more user-friendly firewall programs available for PCLinuxOS.
GuardDog∞ and
Firestarter∞ are available through synaptic, and are GUI alternatives to Shorewall. Firestarter is especially easy-to-use and is very reminscent of Zone Alarm.
More details about the Shorewall firewall configuration tool can be found here:
http://www.shorewall.net/∞
Advanced Firewalling
You can read more about firewalls on our
Advanced Firewalling page.
CategorySecurity
There are 4 comments on this page. [Display comments]