Firewall - Ubuntu

This is a discussion on Firewall - Ubuntu ; Hi, I've searched archives etc but can't find what I'm looking for so here goes... I've initialised firestarter to control my firewall. Whether or not firestarter is running though I believe the firewall is still in place - correct me ...

+ Reply to Thread
Page 1 of 3 1 2 3 LastLast
Results 1 to 20 of 57

Thread: Firewall

  1. Firewall

    Hi,

    I've searched archives etc but can't find what I'm looking for so here
    goes...


    I've initialised firestarter to control my firewall. Whether or not
    firestarter is running though I believe the firewall is still in place -
    correct me if I'm wrong on this.

    I've just moved from windows where the firewall was Zone Alarm which I set
    to prompt me to allow specifically any outgoing connections from any
    application on each attempt, per session, that the application was running
    - how can this be done in firestarter please?
    (others with a windows background will know that a number of apps like to
    conect to the 'net even when they don't need to!)

    Ta

    David

  2. Re: Firewall

    David P writes:

    > Hi,
    >
    > I've searched archives etc but can't find what I'm looking for so here
    > goes...
    >
    >
    > I've initialised firestarter to control my firewall. Whether or not
    > firestarter is running though I believe the firewall is still in place -
    > correct me if I'm wrong on this.
    >
    > I've just moved from windows where the firewall was Zone Alarm which I set
    > to prompt me to allow specifically any outgoing connections from any
    > application on each attempt, per session, that the application was running
    > - how can this be done in firestarter please?
    > (others with a windows background will know that a number of apps like to
    > conect to the 'net even when they don't need to!)
    >
    > Ta
    >
    > David


    AFAIK you can only tell firestarter to allow certain ports. It is not
    "per application". See the policy tab.

  3. Re: Firewall

    On Fri, 28 Dec 2007 15:57:42 +0100, Hadron wrote:

    > David P writes:


    >> I've initialised firestarter to control my firewall. Whether or not
    >> firestarter is running though I believe the firewall is still in place
    >> and working - correct me if I'm wrong on this.


    Is this correct?

    >>
    >> I've just moved from windows where the firewall was Zone Alarm which I set
    >> to prompt me to allow specifically any outgoing connections from any
    >> application on each attempt, per session, that the application was running
    >> - how can this be done in firestarter please?


    >
    > AFAIK you can only tell firestarter to allow certain ports. It is not
    > "per application". See the policy tab.


    OK - are there any that *will* allow 'per application' that you, or
    anyone, knows of?

  4. Re: Firewall

    David P writes:

    > On Fri, 28 Dec 2007 15:57:42 +0100, Hadron wrote:
    >
    >> David P writes:

    >
    >>> I've initialised firestarter to control my firewall. Whether or not
    >>> firestarter is running though I believe the firewall is still in place
    >>> and working - correct me if I'm wrong on this.

    >
    > Is this correct?
    >
    >>>
    >>> I've just moved from windows where the firewall was Zone Alarm which I set
    >>> to prompt me to allow specifically any outgoing connections from any
    >>> application on each attempt, per session, that the application was running
    >>> - how can this be done in firestarter please?

    >
    >>
    >> AFAIK you can only tell firestarter to allow certain ports. It is not
    >> "per application". See the policy tab.

    >
    > OK - are there any that *will* allow 'per application' that you, or
    > anyone, knows of?


    Personally no, but I haven't bothered to google. What problem are you
    trying to solve here?

  5. Re: Firewall

    On Fri, 28 Dec 2007 17:29:24 +0100, Hadron wrote:

    > David P writes:
    >
    >> On Fri, 28 Dec 2007 15:57:42 +0100, Hadron wrote:
    >>
    >>> David P writes:

    >>

    >
    >>>> I've just moved from windows where the firewall was Zone Alarm which I set
    >>>> to prompt me to allow specifically any outgoing connections from any
    >>>> application on each attempt, per session, that the application was running
    >>>> - how can this be done in firestarter please?

    >>
    >>>
    >>> AFAIK you can only tell firestarter to allow certain ports. It is not
    >>> "per application". See the policy tab.

    >>
    >> OK - are there any that *will* allow 'per application' that you, or
    >> anyone, knows of?

    >
    > Personally no, but I haven't bothered to google. What problem are you
    > trying to solve here?



    probably a windows one

    I just want to know what is trying to get out and to be able to decide if
    I want to block it or allow it.

  6. Re: Firewall

    David P writes:

    > On Fri, 28 Dec 2007 17:29:24 +0100, Hadron wrote:
    >
    >> David P writes:
    >>
    >>> On Fri, 28 Dec 2007 15:57:42 +0100, Hadron wrote:
    >>>
    >>>> David P writes:
    >>>

    >>
    >>>>> I've just moved from windows where the firewall was Zone Alarm which I set
    >>>>> to prompt me to allow specifically any outgoing connections from any
    >>>>> application on each attempt, per session, that the application was running
    >>>>> - how can this be done in firestarter please?
    >>>
    >>>>
    >>>> AFAIK you can only tell firestarter to allow certain ports. It is not
    >>>> "per application". See the policy tab.
    >>>
    >>> OK - are there any that *will* allow 'per application' that you, or
    >>> anyone, knows of?

    >>
    >> Personally no, but I haven't bothered to google. What problem are you
    >> trying to solve here?

    >
    >
    > probably a windows one
    >
    > I just want to know what is trying to get out and to be able to decide if
    > I want to block it or allow it.


    Then set firestarter to block outgoing by default and check the "events"
    tab seems a good start. I don't know. Try it.

    Personally I wouldn't worry too much - it is highly unlikely there will
    be any naughty apps telling the world about you in a clean linux
    install.

  7. Re: Firewall

    David P wrote:

    > On Fri, 28 Dec 2007 17:29:24 +0100, Hadron wrote:
    >
    >> David P writes:
    >>
    >>> On Fri, 28 Dec 2007 15:57:42 +0100, Hadron wrote:
    >>>
    >>>> David P writes:
    >>>

    >>
    >>>>> I've just moved from windows where the firewall was Zone Alarm which I
    >>>>> set to prompt me to allow specifically any outgoing connections from
    >>>>> any application on each attempt, per session, that the application was
    >>>>> running - how can this be done in firestarter please?
    >>>
    >>>>
    >>>> AFAIK you can only tell firestarter to allow certain ports. It is not
    >>>> "per application". See the policy tab.
    >>>
    >>> OK - are there any that *will* allow 'per application' that you, or
    >>> anyone, knows of?

    >>
    >> Personally no, but I haven't bothered to google. What problem are you
    >> trying to solve here?

    >
    >
    > probably a windows one
    >
    > I just want to know what is trying to get out and to be able to decide if
    > I want to block it or allow it.


    Why? If you don't want a particular app to go out onto the Internet, then
    just don't run that app.

    Cheers.

    --
    Boot It Up!
    http://youtube.com/watch?v=-kql8cWqiv8


  8. Re: Firewall

    On Fri, 28 Dec 2007 14:40:15 +0000, David P wrote:

    > running - how can this be done in firestarter please? (others with a
    > windows background will know that a number of apps like to conect to the
    > 'net even when they don't need to!)
    >


    I've thought about trying this, it looks like you can go (in Firestarter)
    to the Policy tab, click on Editing drop-down list and select Outbound
    traffic policy to change to whitelisted traffic only.

    Good luck, if you decide to try it, let us know how it worked out ok?

    Also I just learned that you can select the Events menu and turn on more
    details for events. Cool.
    --
    // This is my opinion.

  9. Re: Firewall

    In article , Hadron says...
    > David P writes:


    > >>
    > >> Personally no, but I haven't bothered to google. What problem are you
    > >> trying to solve here?

    > >
    > >
    > > probably a windows one
    > >
    > > I just want to know what is trying to get out and to be able to decide if
    > > I want to block it or allow it.

    >
    > Then set firestarter to block outgoing by default and check the "events"
    > tab seems a good start. I don't know. Try it.


    I'll give it a whirl - ta.
    >
    > Personally I wouldn't worry too much - it is highly unlikely there will
    > be any naughty apps telling the world about you in a clean linux
    > install.
    >

    More or less what I thought - but I'm still tainted by windows; I'll get
    over it.
    --
    David
    Visit http://www.farm-direct.co.uk for your local farmgate food
    supplies.
    FAQ's, Glossary, Farming Year and more!

  10. Re: Firewall

    In article , NoStop says...
    > David P wrote:
    >
    > > probably a windows one
    > >
    > > I just want to know what is trying to get out and to be able to decide if
    > > I want to block it or allow it.

    >
    > Why? If you don't want a particular app to go out onto the Internet, then
    > just don't run that app.
    >

    You have obviously never run windows.

    Open spreadsheet and it tries to access 'net from time to time.

    One of the reasons I'm trying to get to grips with Linux; it feels
    safer.

    --
    David
    Visit http://www.farm-direct.co.uk for your local farmgate food
    supplies.
    FAQ's, Glossary, Farming Year and more!

  11. Re: Firewall

    David wrote:

    > In article , NoStop says...
    >> David P wrote:
    >>
    >> > probably a windows one
    >> >
    >> > I just want to know what is trying to get out and to be able to decide
    >> > if I want to block it or allow it.

    >>
    >> Why? If you don't want a particular app to go out onto the Internet, then
    >> just don't run that app.
    >>

    > You have obviously never run windows.
    >
    > Open spreadsheet and it tries to access 'net from time to time.
    >
    > One of the reasons I'm trying to get to grips with Linux; it feels
    > safer.
    >

    It is and you'll just need to readjust your thinking. ;-)

    If you have a NAT router, I wouldn't even bother configuring a firewall. The
    NAT router is already doing the job of keeping people away from your Ubuntu
    box. By default all incoming ports are closed UNTIL you install a
    particular service that requires a port to be open and then it opens it or
    else it won't work. This of course means you'd have to go into your router
    and open that port to your local box.

    As far as clients trying to get out to the Internet, they just won't work if
    they can't get out, so trying to keep those controlled by a firewall seems
    a bit unproductive.

    With Windoze it's malware like spambots trying to connect to the Internet
    unknown to you. Hopefully your Linux box doesn't have malware like that
    installed. It takes an effort on your part to make malware work under
    Linux.

    Cheers.

    --
    Try Ubuntu ...
    http://www.ubuntu.com


  12. Re: Firewall

    On Fri, 28 Dec 2007 14:40:15 +0000, David P wrote:

    > I've initialised firestarter to control my firewall. Whether or not
    > firestarter is running though I believe the firewall is still in place -
    > correct me if I'm wrong on this.


    This is true. Firestarter is not a firewall, but rather a frontend for
    iptables, which is running all the time.

    >
    > I've just moved from windows where the firewall was Zone Alarm which I
    > set to prompt me to allow specifically any outgoing connections from any
    > application on each attempt, per session, that the application was
    > running - how can this be done in firestarter please? (others with a
    > windows background will know that a number of apps like to conect to the
    > 'net even when they don't need to!)


    This ain't windows. There are no applications to do such things, unless
    you install them. There is no spyware for Linux.

    The only thing that is normally going to go out on it's own is the
    updater, checking to see if there are any updates available. And this is
    completely configurable.




    --
    Joe - Linux User #449481/Ubuntu User #19733
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  13. Re: Firewall

    On Fri, 28 Dec 2007 22:40:18 +0000, David wrote:

    > In article , NoStop says...
    >> David P wrote:
    >>
    >> > probably a windows one
    >> >
    >> > I just want to know what is trying to get out and to be able to
    >> > decide if I want to block it or allow it.

    >>
    >> Why? If you don't want a particular app to go out onto the Internet,
    >> then just don't run that app.
    >>

    > You have obviously never run windows.


    Obviously he has, that is why he now runs Linux, and has abandoned the M$
    Virus...

    >
    > Open spreadsheet and it tries to access 'net from time to time.
    >
    > One of the reasons I'm trying to get to grips with Linux; it feels
    > safer.


    It is.



    --
    Joe - Linux User #449481/Ubuntu User #19733
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  14. Re: Firewall

    Joe wrote:
    > This ain't windows. There are no applications to do such things, unless
    > you install them. There is no spyware for Linux.


    Sure there are. As for spyware for Linux; it depends what you mean by
    spyware. Any type of trojan or Spam bot that gets planted on your
    computer could be spyware. If you get cracked, cracked is cracked. Don't
    matter Windows or Linux. Being gullible won't help.

    --
    As we enjoy great advantages from inventions of others, we should be
    glad of an opportunity to serve others by any invention of ours;
    and this we should do freely and generously.
    --Benjamin Franklin

  15. Re: Firewall

    johnny bobby bee writes:

    > Joe wrote:
    >> This ain't windows. There are no applications to do such things,
    >> unless you install them. There is no spyware for Linux.

    >
    > Sure there are. As for spyware for Linux; it depends what you mean by
    > spyware. Any type of trojan or Spam bot that gets planted on your
    > computer could be spyware. If you get cracked, cracked is
    > cracked. Don't matter Windows or Linux. Being gullible won't help.


    Joe seems keen on exaggerations. He also claims that partitioning is a
    "hugely controversial" subject (it isn't - there are a few approaches
    which suit different requirements).

    But fortunately he is also smart enough to realise that

    "you should not expect the answers you get here to be enough to go on"

    This is good advice.

  16. Re: Firewall

    On Sat, 29 Dec 2007 11:25:37 +0100, Hadron wrote:

    > johnny bobby bee writes:
    >
    >> Joe wrote:
    >>> This ain't windows. There are no applications to do such things,
    >>> unless you install them. There is no spyware for Linux.

    >>
    >> Sure there are. As for spyware for Linux; it depends what you mean by
    >> spyware. Any type of trojan or Spam bot that gets planted on your
    >> computer could be spyware. If you get cracked, cracked is cracked.
    >> Don't matter Windows or Linux. Being gullible won't help.

    >
    > Joe seems keen on exaggerations. He also claims that partitioning is a
    > "hugely controversial" subject (it isn't - there are a few approaches
    > which suit different requirements).
    >
    > But fortunately he is also smart enough to realise that
    >
    > "you should not expect the answers you get here to be enough to go on"
    >
    > This is good advice.


    Oddly enough, this is the second thread in 2 days that you have been
    quick to try to critisize my (correct) answers, while having given none
    yourself.

    Especially odd since you claim to have me killfiled. You need better
    filters there, boy...




    --
    Joe - Linux User #449481/Ubuntu User #19733
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  17. Re: Firewall

    Joe wrote:

    > On Fri, 28 Dec 2007 14:40:15 +0000, David P wrote:
    >
    >> I've initialised firestarter to control my firewall. Whether or not
    >> firestarter is running though I believe the firewall is still in place -
    >> correct me if I'm wrong on this.

    >
    > This is true. Firestarter is not a firewall, but rather a frontend for
    > iptables, which is running all the time.
    >
    >>
    >> I've just moved from windows where the firewall was Zone Alarm which I
    >> set to prompt me to allow specifically any outgoing connections from any
    >> application on each attempt, per session, that the application was
    >> running - how can this be done in firestarter please? (others with a
    >> windows background will know that a number of apps like to conect to the
    >> 'net even when they don't need to!)

    >
    > This ain't windows. There are no applications to do such things, unless
    > you install them. There is no spyware for Linux.
    >
    > The only thing that is normally going to go out on it's own is the
    > updater, checking to see if there are any updates available. And this is
    > completely configurable.
    >

    And the NTP client, which isn't something to be concerned about either.

    Cheers.

    --
    Boot It Up!
    http://youtube.com/watch?v=-kql8cWqiv8


  18. Re: Firewall

    On Sat, 29 Dec 2007 14:15:25 GMT
    NoStop wrote:

    > > The only thing that is normally going to go out on it's own is the
    > > updater, checking to see if there are any updates available. And this is
    > > completely configurable.
    > >

    > And the NTP client, which isn't something to be concerned about either.


    Etherape will show the sites you're connecting to, not necessarily the
    program that's making the connection though.

    --
    Have you ever imagined a world with no hypothetical situations?

  19. Re: Firewall

    Trevor Best wrote:

    > On Sat, 29 Dec 2007 14:15:25 GMT
    > NoStop wrote:
    >
    >> > The only thing that is normally going to go out on it's own is the
    >> > updater, checking to see if there are any updates available. And this
    >> > is completely configurable.
    >> >

    >> And the NTP client, which isn't something to be concerned about either.

    >
    > Etherape will show the sites you're connecting to, not necessarily the
    > program that's making the connection though.
    >

    Trevor, what you might find somewhat entertaining is to using Etherape.
    Shows the ethernet chatter in a graphical way. More in keeping with your
    stated likes when it comes to GUIs. :-) It works especially well with
    dual-monitors, giving one the realestate to watch what's happening while
    doing other things.

    Cheers.

    --
    Boot It Up!
    http://youtube.com/watch?v=-kql8cWqiv8


  20. Re: Firewall

    NoStop wrote:

    > Trevor Best wrote:
    >
    >> On Sat, 29 Dec 2007 14:15:25 GMT
    >> NoStop wrote:
    >>
    >>> > The only thing that is normally going to go out on it's own is the
    >>> > updater, checking to see if there are any updates available. And this
    >>> > is completely configurable.
    >>> >
    >>> And the NTP client, which isn't something to be concerned about either.

    >>
    >> Etherape will show the sites you're connecting to, not necessarily the
    >> program that's making the connection though.
    >>

    > Trevor, what you might find somewhat entertaining is to using Etherape.
    > Shows the ethernet chatter in a graphical way. More in keeping with your
    > stated likes when it comes to GUIs. :-) It works especially well with
    > dual-monitors, giving one the realestate to watch what's happening while
    > doing other things.
    >
    > Cheers.
    >

    DUH, forgive me. Reading comprehension problem here. I read "ethereal".
    Geez. Time for another cuppa coffee. Too early in the morning for me I
    guess.

    Cheers.

    --
    Boot It Up!
    http://youtube.com/watch?v=-kql8cWqiv8


+ Reply to Thread
Page 1 of 3 1 2 3 LastLast