Firewall - Ubuntu

This is a discussion on Firewall - Ubuntu ; On Sat, 29 Dec 2007 15:09:21 GMT NoStop wrote: > Trevor Best wrote: > > > On Sat, 29 Dec 2007 14:15:25 GMT > > NoStop wrote: > > > >> > The only thing that is normally going to ...

+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 21 to 40 of 57

Thread: Firewall

  1. GUI vs CUI (was Re: Firewall)

    On Sat, 29 Dec 2007 15:09:21 GMT
    NoStop wrote:

    > Trevor Best wrote:
    >
    > > On Sat, 29 Dec 2007 14:15:25 GMT
    > > NoStop wrote:
    > >
    > >> > The only thing that is normally going to go out on it's own is the
    > >> > updater, checking to see if there are any updates available. And this
    > >> > is completely configurable.
    > >> >
    > >> And the NTP client, which isn't something to be concerned about either.

    > >
    > > Etherape will show the sites you're connecting to, not necessarily the
    > > program that's making the connection though.
    > >

    > Trevor, what you might find somewhat entertaining is to using Etherape.
    > Shows the ethernet chatter in a graphical way. More in keeping with your
    > stated likes when it comes to GUIs. :-) It works especially well with
    > dual-monitors, giving one the realestate to watch what's happening while
    > doing other things.


    I should have qualified my other statement further, "not a fan of the
    CUI _newsreader_" seems the context wasn't there for all to see.

    There are of course things I like better as GUIs and yes, Etherape is
    entertaining in that way rather than watching firewall logs scrolling
    up just as Firefox is a lot nicer IMO than say Lynx.

    I do advocate dropping down to a terminal to do anything serious as I
    do with the command prompt in Windows, copying large numbers of files
    for instance, in both OSs is more controlled from a command prompt than
    the GUI (e.g. auto clobber of older files, etc.).

    I've nearly always got a terminal window open (not as I write this
    mind, bah!)

    --
    Have you ever imagined a world with no hypothetical situations?

  2. Re: Firewall

    On Sat, 29 Dec 2007 15:18:58 GMT
    NoStop wrote:

    > DUH, forgive me. Reading comprehension problem here. I read "ethereal".
    > Geez. Time for another cuppa coffee. Too early in the morning for me I
    > guess.


    It's afternoon here, and I only got a couple of hours ago :-)

    Coffee, you've given me an idea...

    --
    Have you ever imagined a world with no hypothetical situations?

  3. Re: Firewall

    On Sat, 29 Dec 2007 15:24:23 +0000
    Trevor Best wrote:

    > It's afternoon here, and I only got a couple of hours ago :-)

    ^
    up
    --
    Have you ever imagined a world with no hypothetical situations?

  4. Re: Firewall

    On Sat, 29 Dec 2007 14:30:17 +0000, Trevor Best wrote:

    > Etherape will show the sites you're connecting to, not necessarily the
    > program that's making the connection though.


    Etherape is cool!!! Thanks!

    --
    // This is my opinion.

  5. Re: Firewall

    jebblue writes:

    > On Sat, 29 Dec 2007 14:30:17 +0000, Trevor Best wrote:
    >
    >> Etherape will show the sites you're connecting to, not necessarily the
    >> program that's making the connection though.

    >
    > Etherape is cool!!! Thanks!


    It's very cool, but not very useful IMO. Having said that maybe I missed
    some config option which makes it so.

  6. Re: Firewall

    On Fri, 28 Dec 2007 23:31:22 +0000, NoStop wrote:


    >
    > With Windoze it's malware like spambots trying to connect to the Internet
    > unknown to you. Hopefully your Linux box doesn't have malware like that
    > installed. It takes an effort on your part to make malware work under
    > Linux.
    >

    Thanks everybody for the replies. Much appreciated - no doubt I'll be
    back with more questions in the future.

  7. Re: Firewall

    On Sat, 29 Dec 2007 17:09:27 +0100, Hadron wrote:

    > It's very cool, but not very useful IMO. Having said that maybe I missed
    > some config option which makes it so.


    It fills the gap between Wireshark (very detailed) and Gkrellm's network
    monitor which just indicates whether the network is busy.

    It is a radar scope for my network, a window.

    It is something I've thought about writing for a long time but never did.

    It needs a slider at the bottom representing time history and maybe
    something like an Audacity graph which shows when my network was busy so
    I can jump to that point in time and play the activity to see what was
    going on. The graph could show light blue for just one busy protocol, red
    for say 3 and yellow for 5 or more busy protocols during that time. I
    added this to the forums, http://sourceforge.net/forum/forum.php?
    thread_id=1901314&forum_id=8022

    Some people suggested the ability to plot on an earth graph, that would
    be cool too.

    --
    // This is my opinion.

  8. Re: Firewall

    jebblue writes:

    > On Sat, 29 Dec 2007 17:09:27 +0100, Hadron wrote:
    >
    >> It's very cool, but not very useful IMO. Having said that maybe I missed
    >> some config option which makes it so.

    >
    > It fills the gap between Wireshark (very detailed) and Gkrellm's network
    > monitor which just indicates whether the network is busy.


    Have a look at gkrellm's "internet" plug in. You can watch specific
    ports too. Nice.

    >
    > It is a radar scope for my network, a window.


    But how is it useful? It flicks around too much and doesn't even give
    the ability to freeze the display and do a whois on the unselectable ip
    addresses. (One pet hate of mine is any interface which give information
    but doesnt allow you to select and copy that info for further use).


    >
    > It is something I've thought about writing for a long time but never did.
    >
    > It needs a slider at the bottom representing time history and maybe
    > something like an Audacity graph which shows when my network was busy so
    > I can jump to that point in time and play the activity to see what was
    > going on. The graph could show light blue for just one busy protocol, red
    > for say 3 and yellow for 5 or more busy protocols during that time. I
    > added this to the forums, http://sourceforge.net/forum/forum.php?
    > thread_id=1901314&forum_id=8022
    >
    > Some people suggested the ability to plot on an earth graph, that would
    > be cool too.


    The ability to simply list in a column the ip addresses and the
    bandwidth used on what ports and an automatic lookup on who they are
    would be useful.

    The current interface is nothing more than a relatively useless gimick
    IMO. But I'm prepared to be convinced otherwise.

  9. Re: Firewall

    On Sat, 29 Dec 2007 19:42:24 +0100, Hadron wrote:

    > The current interface is nothing more than a relatively useless gimick
    > IMO. But I'm prepared to be convinced otherwise.


    It is useful to me as someone who worked at an operations console (not
    network) for many years. It is a radar scope for my network. Really my
    feature request to the developers is somewhat unfounded since EtherApe
    already supports reading from capture files (or it is stated). I verified
    you can run multiple instances too. Still I would like to be able to jump
    forwards and backwards to times when my network was busy to see what was
    going on and now that I think about it have the option to open an
    instance of Wireshark at that point in time too.

    I agree the nodes should be selectable, right-click whois is a good idea,
    suggest it in their forums. I think you would have a whiz bang network
    traffic analysis tool!!

    --
    // This is my opinion.

  10. Re: Firewall

    jebblue writes:

    > On Sat, 29 Dec 2007 19:42:24 +0100, Hadron wrote:
    >
    >> The current interface is nothing more than a relatively useless gimick
    >> IMO. But I'm prepared to be convinced otherwise.

    >
    > It is useful to me as someone who worked at an operations console (not
    > network) for many years. It is a radar scope for my network. Really my
    > feature request to the developers is somewhat unfounded since EtherApe
    > already supports reading from capture files (or it is stated). I verified
    > you can run multiple instances too. Still I would like to be able to jump
    > forwards and backwards to times when my network was busy to see what was
    > going on and now that I think about it have the option to open an
    > instance of Wireshark at that point in time too.
    >
    > I agree the nodes should be selectable, right-click whois is a good idea,
    > suggest it in their forums. I think you would have a whiz bang network
    > traffic analysis tool!!


    It's a funny thing though. I see a tool like this and it is really
    relatively useless considering the potential. The most obvious thing
    being a "whois" facility or to even be able to "copy" the addresses. I
    then wonder who uses it, if anyone, in the real world and if they do
    what do they use it for and why don't they help to make it useful? A lot
    of OSS is out there with about 10 people using it - it's a shame.

  11. Re: Firewall

    Hadron wrote:

    > jebblue writes:
    >
    >> On Sat, 29 Dec 2007 17:09:27 +0100, Hadron wrote:
    >>
    >>> It's very cool, but not very useful IMO. Having said that maybe I missed
    >>> some config option which makes it so.

    >>
    >> It fills the gap between Wireshark (very detailed) and Gkrellm's network
    >> monitor which just indicates whether the network is busy.

    >
    > Have a look at gkrellm's "internet" plug in. You can watch specific
    > ports too. Nice.
    >
    >>
    >> It is a radar scope for my network, a window.

    >
    > But how is it useful? It flicks around too much and doesn't even give
    > the ability to freeze the display and do a whois on the unselectable ip
    > addresses. (One pet hate of mine is any interface which give information
    > but doesnt allow you to select and copy that info for further use).
    >

    Do you need anymore incentive to go ahead and improve on it? I'm sure the
    source code is available. Or do you just like to bitch about open source
    FREE software and leave it at that?

    Cheers.

    --
    Boot It Up!
    http://youtube.com/watch?v=-kql8cWqiv8


  12. Re: Firewall

    Hadron wrote:

    > jebblue writes:
    >
    >> On Sat, 29 Dec 2007 19:42:24 +0100, Hadron wrote:
    >>
    >>> The current interface is nothing more than a relatively useless gimick
    >>> IMO. But I'm prepared to be convinced otherwise.

    >>
    >> It is useful to me as someone who worked at an operations console (not
    >> network) for many years. It is a radar scope for my network. Really my
    >> feature request to the developers is somewhat unfounded since EtherApe
    >> already supports reading from capture files (or it is stated). I verified
    >> you can run multiple instances too. Still I would like to be able to jump
    >> forwards and backwards to times when my network was busy to see what was
    >> going on and now that I think about it have the option to open an
    >> instance of Wireshark at that point in time too.
    >>
    >> I agree the nodes should be selectable, right-click whois is a good idea,
    >> suggest it in their forums. I think you would have a whiz bang network
    >> traffic analysis tool!!

    >
    > It's a funny thing though. I see a tool like this and it is really
    > relatively useless considering the potential. The most obvious thing
    > being a "whois" facility or to even be able to "copy" the addresses. I
    > then wonder who uses it, if anyone, in the real world and if they do
    > what do they use it for and why don't they help to make it useful? A lot
    > of OSS is out there with about 10 people using it - it's a shame.


    Moan, moan. Bitch, bitch. True to course. At least with Open Source you can
    either help improve a piece of software or approach the development team to
    do so - unlike Windoze apps.

    Cheers.

    --
    Boot It Up!
    http://youtube.com/watch?v=-kql8cWqiv8


  13. Re: Firewall

    NoStop writes:

    > Hadron wrote:
    >
    >> jebblue writes:
    >>
    >>> On Sat, 29 Dec 2007 17:09:27 +0100, Hadron wrote:
    >>>
    >>>> It's very cool, but not very useful IMO. Having said that maybe I missed
    >>>> some config option which makes it so.
    >>>
    >>> It fills the gap between Wireshark (very detailed) and Gkrellm's network
    >>> monitor which just indicates whether the network is busy.

    >>
    >> Have a look at gkrellm's "internet" plug in. You can watch specific
    >> ports too. Nice.
    >>
    >>>
    >>> It is a radar scope for my network, a window.

    >>
    >> But how is it useful? It flicks around too much and doesn't even give
    >> the ability to freeze the display and do a whois on the unselectable ip
    >> addresses. (One pet hate of mine is any interface which give information
    >> but doesnt allow you to select and copy that info for further use).
    >>

    > Do you need anymore incentive to go ahead and improve on it? I'm sure the
    > source code is available. Or do you just like to bitch about open source
    > FREE software and leave it at that?
    >
    > Cheers.


    Do **** off. This is discussion. Constructive discussion and
    criticism. It might well lead to suggestions for improvements. Its no
    wonder so much OSS is half arsed junk if people like you worship at its
    alter with no criticism, no matter how well meant, is allowed.

    I DO contribute to OSS by the way as you well know.

    All sitting around a stove eating tacos and pot noodles with beards
    entwined singing "kumbuya my lord" doesn't create great SW I am afraid.

    "Free" (as in beer) is of no interest to me. Good productive, useful SW
    is. Free (as in source) is of interest IF I or someone in my company has
    the skillset to improve it OR it is actively maintained by someone open
    minded enough to consider third party suggestions. Often packages are
    not.



  14. Re: Firewall

    NoStop writes:

    > Hadron wrote:
    >
    >> jebblue writes:
    >>
    >>> On Sat, 29 Dec 2007 19:42:24 +0100, Hadron wrote:
    >>>
    >>>> The current interface is nothing more than a relatively useless gimick
    >>>> IMO. But I'm prepared to be convinced otherwise.
    >>>
    >>> It is useful to me as someone who worked at an operations console (not
    >>> network) for many years. It is a radar scope for my network. Really my
    >>> feature request to the developers is somewhat unfounded since EtherApe
    >>> already supports reading from capture files (or it is stated). I verified
    >>> you can run multiple instances too. Still I would like to be able to jump
    >>> forwards and backwards to times when my network was busy to see what was
    >>> going on and now that I think about it have the option to open an
    >>> instance of Wireshark at that point in time too.
    >>>
    >>> I agree the nodes should be selectable, right-click whois is a good idea,
    >>> suggest it in their forums. I think you would have a whiz bang network
    >>> traffic analysis tool!!

    >>
    >> It's a funny thing though. I see a tool like this and it is really
    >> relatively useless considering the potential. The most obvious thing
    >> being a "whois" facility or to even be able to "copy" the addresses. I
    >> then wonder who uses it, if anyone, in the real world and if they do
    >> what do they use it for and why don't they help to make it useful? A lot
    >> of OSS is out there with about 10 people using it - it's a shame.

    >
    > Moan, moan. Bitch, bitch. True to course. At least with Open Source you can
    > either help improve a piece of software or approach the development team to
    > do so - unlike Windoze apps.
    >
    > Cheers.


    You still seem unable to discern the difference between OSS and
    Linux/Windows. Why is that? Are you really that dumb? I thought you were
    just pretending until now.

  15. Re: Firewall

    Hadron wrote:

    > NoStop writes:
    >
    >> Hadron wrote:
    >>
    >>> jebblue writes:
    >>>
    >>>> On Sat, 29 Dec 2007 17:09:27 +0100, Hadron wrote:
    >>>>
    >>>>> It's very cool, but not very useful IMO. Having said that maybe I
    >>>>> missed some config option which makes it so.
    >>>>
    >>>> It fills the gap between Wireshark (very detailed) and Gkrellm's
    >>>> network monitor which just indicates whether the network is busy.
    >>>
    >>> Have a look at gkrellm's "internet" plug in. You can watch specific
    >>> ports too. Nice.
    >>>
    >>>>
    >>>> It is a radar scope for my network, a window.
    >>>
    >>> But how is it useful? It flicks around too much and doesn't even give
    >>> the ability to freeze the display and do a whois on the unselectable ip
    >>> addresses. (One pet hate of mine is any interface which give information
    >>> but doesnt allow you to select and copy that info for further use).
    >>>

    >> Do you need anymore incentive to go ahead and improve on it? I'm sure the
    >> source code is available. Or do you just like to bitch about open source
    >> FREE software and leave it at that?
    >>
    >> Cheers.

    >
    > Do **** off. This is discussion. Constructive discussion and
    > criticism. It might well lead to suggestions for improvements. Its no
    > wonder so much OSS is half arsed junk if people like you worship at its
    > alter with no criticism, no matter how well meant, is allowed.
    >

    I haven't found anything wrong with Etherape for the use I put it to. But my
    suggestion still stands ... don't think it has enough "features"? Then go
    and ****ing improve on it. Do you think for one minute that moaning about
    here is going to improve it? At least with what YOU consider improvements?

    You are a miserable old fart aren't you Hardon?

    > I DO contribute to OSS by the way as you well know.
    >

    Just what development team have you joined? I'd love to install one of your
    creations and see just how feature-laden it is. Please do tell us!

    > All sitting around a stove eating tacos and pot noodles with beards
    > entwined singing "kumbuya my lord" doesn't create great SW I am afraid.
    >

    This is YOUR idea of Linux users and Linux developers? You unappreciative
    piece of ****.

    > "Free" (as in beer) is of no interest to me. Good productive, useful SW
    > is.


    Then stick with Windoze. According to you, it has OSS beat by a mile.

    > Free (as in source) is of interest IF I or someone in my company has
    > the skillset to improve it


    Guess you and "your company" don't have the ability? Is that what you're
    saying?

    > OR it is actively maintained by someone open
    > minded enough to consider third party suggestions. Often packages are
    > not.


    What packages are not? Please be more specific rather than just hurl your
    **** around here like you so often do.

    Cheers.

    PS. Yes, you can indeed **** off. In fact, for the betterment of the Ubuntu
    community in this newsgroup - I'll offer you a challenge. If you **** off,
    I'll do the same. I'll be waiting. Please let me know when you intend to
    **** off.


    --
    Boot It Up!
    http://youtube.com/watch?v=-kql8cWqiv8


  16. Re: Firewall

    On Sat, 29 Dec 2007 20:49:28 +0100
    Hadron wrote:

    [Etherape]

    > It's a funny thing though. I see a tool like this and it is really
    > relatively useless considering the potential. The most obvious thing
    > being a "whois" facility or to even be able to "copy" the addresses. I
    > then wonder who uses it, if anyone, in the real world and if they do
    > what do they use it for and why don't they help to make it useful? A lot
    > of OSS is out there with about 10 people using it - it's a shame.


    I just requested that.
    http://sourceforge.net/forum/forum.p...&forum_id=8022


    --
    Have you ever imagined a world with no hypothetical situations?

  17. Re: Firewall

    NoStop wrote:
    > Hadron wrote:
    >

    .... snip ...
    >
    > Guess you and "your company" don't have the ability? Is that what
    > you're saying?
    >
    >> OR it is actively maintained by someone open minded enough to
    >> consider third party suggestions. Often packages are not.

    >
    > What packages are not? Please be more specific rather than just
    > hurl your **** around here like you so often do.
    >
    > Cheers.
    >
    > PS. Yes, you can indeed **** off. In fact, for the betterment of
    > the Ubuntu community in this newsgroup - I'll offer you a
    > challenge. If you **** off, I'll do the same. I'll be waiting.
    > Please let me know when you intend to **** off.


    Having just skipped through this mess by a cursory examination of
    every second article, let me point out how you can achieve the
    same. Simply PLONK Hadron. Have the disposition be 'mark read'.
    That way the article will not be downloaded, and the only thing
    that will show up is the existance of the nuisance. :-)

    --
    Merry Christmas, Happy Hanukah, Happy New Year
    Joyeux Noel, Bonne Annee, Frohe Weihnachten
    Chuck F (cbfalconer at maineline dot net)




    --
    Posted via a free Usenet account from http://www.teranews.com


  18. Re: Firewall

    On Sat, 29 Dec 2007 20:36:36 -0500, CBFalconer wrote:

    > Having just skipped through this mess by a cursory examination of every
    > second article, let me point out how you can achieve the same. Simply
    > PLONK Hadron. Have the disposition be 'mark read'. That way the article
    > will not be downloaded, and the only thing that will show up is the
    > existance of the nuisance. :-)
    >


    I tend to agree based on the latter part of the conversation.

    --
    // This is my opinion.

  19. Re: Firewall

    On Sat, 29 Dec 2007 14:15:25 +0000, NoStop wrote:

    > Joe wrote:
    >
    >> On Fri, 28 Dec 2007 14:40:15 +0000, David P wrote:
    >>
    >>> I've initialised firestarter to control my firewall. Whether or not
    >>> firestarter is running though I believe the firewall is still in place
    >>> - correct me if I'm wrong on this.

    >>
    >> This is true. Firestarter is not a firewall, but rather a frontend for
    >> iptables, which is running all the time.
    >>
    >>
    >>> I've just moved from windows where the firewall was Zone Alarm which I
    >>> set to prompt me to allow specifically any outgoing connections from
    >>> any application on each attempt, per session, that the application was
    >>> running - how can this be done in firestarter please? (others with a
    >>> windows background will know that a number of apps like to conect to
    >>> the 'net even when they don't need to!)

    >>
    >> This ain't windows. There are no applications to do such things,
    >> unless you install them. There is no spyware for Linux.
    >>
    >> The only thing that is normally going to go out on it's own is the
    >> updater, checking to see if there are any updates available. And this
    >> is completely configurable.
    >>

    > And the NTP client, which isn't something to be concerned about either.
    >
    > Cheers.


    I always have the NTP client set to go only to my internal Win2K3 servers
    for time sync, so I don't have any concern with them... ;-)




    --
    Joe - Linux User #449481/Ubuntu User #19733
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  20. Re: Firewall

    CBFalconer writes:

    > NoStop wrote:
    >> Hadron wrote:
    >>

    > ... snip ...
    >>
    >> Guess you and "your company" don't have the ability? Is that what
    >> you're saying?


    Err, in many cases yes. Your point is? Or are you such a big headed
    wanker, as I suspect, that you feel you can take ANY piece of OSS and
    then modify it to your needs in a short, predictable and economic time
    scale? You are living in clous cuckoo land.

    And THEN, of course, you have the issues of the GPL. There is a reason
    why so many companies wont touch it you know.

    >>
    >>> OR it is actively maintained by someone open minded enough to
    >>> consider third party suggestions. Often packages are not.

    >>
    >> What packages are not? Please be more specific rather than just
    >> hurl your **** around here like you so often do.


    Lots of them.

    Remember we are talking quick turn around times for REAL business
    needs. if you need examples of OSS in mothballs then you really are
    clueless.

    You should also note that I am not knocking OSS here. As I said, I
    contribute and use solely OSS at the moment.


    >>
    >> Cheers.
    >>
    >> PS. Yes, you can indeed **** off. In fact, for the betterment of
    >> the Ubuntu community in this newsgroup - I'll offer you a
    >> challenge. If you **** off, I'll do the same. I'll be waiting.
    >> Please let me know when you intend to **** off.


    >
    > Having just skipped through this mess by a cursory examination of
    > every second article, let me point out how you can achieve the
    > same. Simply PLONK Hadron. Have the disposition be 'mark read'.
    > That way the article will not be downloaded, and the only thing
    > that will show up is the existance of the nuisance. :-)


    If ever there was an indicator that NoStop is a waste of space then
    support from Mr CBFalconer is surely it.

+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast