firewall help please - Ubuntu

This is a discussion on firewall help please - Ubuntu ; Does Kubuntu have a built-in firewall of some sort? I can completely turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and it indicates that all my ports are closed except for a few that are ...

+ Reply to Thread
Results 1 to 12 of 12

Thread: firewall help please

  1. firewall help please

    Does Kubuntu have a built-in firewall of some sort? I can completely
    turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    it indicates that all my ports are closed except for a few that are
    stealth.

    Sure would appreciate any insight into what's going on......





  2. Re: firewall help please

    Sarah D. illuminated alt.os.linux.ubuntu by typing:
    > Does Kubuntu have a built-in firewall of some sort? I can completely
    > turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    > it indicates that all my ports are closed except for a few that are
    > stealth.
    >
    > Sure would appreciate any insight into what's going on......


    I don't know too much about Kubuntu, but Ubuntu is pretty much locked
    down from the off.

    All (or very close to all) ports are only opened on a "per application"
    basis. For instance, Run firefox, port 80 will open. Close it. Port 80
    will close.

    However, you'll need to do a bit of a sniff just to make sure. nmap
    is a good place to start.

    If you find any ports open that you aren't expecting (other than the
    usual 110, 22, 80 etc) then you may want to run firestarter (or
    preferably restart guarddog)

    --
    Moog

    "If this is gonna be that kinda party I'm gonna stick my dick in the
    mashed potatoes"

  3. Re: firewall help please

    On Sun, 13 Apr 2008 16:21:03 -0500, Sarah D. wrote:
    > Does Kubuntu have a built-in firewall of some sort? I can completely
    > turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    > it indicates that all my ports are closed except for a few that are
    > stealth.
    >
    > Sure would appreciate any insight into what's going on......


    With the firewall off, those results you see are because there are no
    applications listing on those "closed" ports.

    Once you start services/applications which listen for connections,
    those "ports" become open.

    Stealth, is a misnomer, it means the port accepted the connection but
    did not respond to the probe. Filtered is the same thing.

    Example I have sshd running with my firewall blocking everything
    but one ip on the ssh port. It is filtering but GRC indicates stealth.

  4. Re: firewall help please



    "Sarah D." wrote in message
    news:ftttgf$frl$1@news.albasani.net...
    > Does Kubuntu have a built-in firewall of some sort? I can completely
    > turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    > it indicates that all my ports are closed except for a few that are
    > stealth.
    >
    > Sure would appreciate any insight into what's going on......
    >
    >
    >
    >


    That would indicate something is consuming packets addressed to certain
    ports but not others.

    A closed port indicates a reply was sent to the probe but it was a reject.
    Stealth indicates that either the probe never got there, or that it was
    ignored, or that the reply never got back.

    As closed ports suggests, as you say, that you are not running a firewall so
    I am left wondering where the stealth ports come from.
    If it had indicated closed on all ports I wouldn't have worried but I would
    investigate what is happening on your system.
    It may just be your ISP blocking some ports.
    If you post the ports and your ISP someone will know.


  5. Re: firewall help please

    On 2008-04-13, Moog wrote:
    > Sarah D. illuminated alt.os.linux.ubuntu by typing:
    >> Does Kubuntu have a built-in firewall of some sort? I can completely
    >> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    >> it indicates that all my ports are closed except for a few that are
    >> stealth.
    >>
    >> Sure would appreciate any insight into what's going on......

    >
    > I don't know too much about Kubuntu, but Ubuntu is pretty much locked
    > down from the off.
    >
    > All (or very close to all) ports are only opened on a "per application"
    > basis. For instance, Run firefox, port 80 will open. Close it. Port 80
    > will close.


    Firefox does not listen on port 80. It does not open any local ports.

    i

    > However, you'll need to do a bit of a sniff just to make sure. nmap
    > is a good place to start.
    >
    > If you find any ports open that you aren't expecting (other than the
    > usual 110, 22, 80 etc) then you may want to run firestarter (or
    > preferably restart guarddog)
    >


  6. Re: firewall help please

    Sarah D. wrote:

    > Does Kubuntu have a built-in firewall of some sort? I can
    > completely turn off Guarddog (IP Tables or IP Chains) and then go to
    > GRC.com and it indicates that all my ports are closed except for a
    > few that are stealth.
    >
    > Sure would appreciate any insight into what's going on......





    It looks like Firestarter was being started on boot. I modified the
    ports on this firewall and all started working ok.




  7. Re: firewall help please

    Sarah D. wrote:
    > Does Kubuntu have a built-in firewall of some sort? I can completely
    > turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    > it indicates that all my ports are closed except for a few that are
    > stealth.
    >
    > Sure would appreciate any insight into what's going on......
    >
    >
    >


    Hi Sarah D.
    Just a suggestion.
    I have firewall turned off.
    I rely on my Netgear ADSL broad band modem to protect my computer.
    Steve Gibson's ShieldsUp utility gives me stealth all the way,
    then complements that my box is so secure that it seems to be turned off.
    I am open to being advised of any weakness here.
    Keep smilling.
    Don.



  8. Re: firewall help please

    "Sarah D." wrote:
    >



    Well, the blocked ports/stealthed ports are mostly from ur ISP blocking them at their end.

    If i turn off the iptables firewall then some are stealthed and some are just closed.

    By Default the Firewall is actually iptables - guarddog and firestarter are just a GUI for it.

    Also by default iptables is NOT setup.

    IF u want a script that's simple and easy to edit install arno-iptables-firewall in the repositories.

    To set-up logging for arno-iptables-firewall for ur own rules see my site http://www.freewebs.com/gutsygibbon



    So yes in ubuntu/kubuntu there is a firewall but it's not activated by default

    Also if you search the web u can learn how to write ur own script and have it save on reboot.

    Arno-iptables-firewall gives in to both worlds.

    GUI = editing firewall.conf and custom-rules in /etc/arno-iptables-firewall with ur local script editor.

    &

    custom-rules - add ur own rules.




    Posted Via Usenet.com Premium Usenet Newsgroup Services
    ----------------------------------------------------------
    ** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
    ----------------------------------------------------------
    http://www.usenet.com

  9. Re: firewall help please



    "Ignoramus17674" wrote in message
    newsfOdnTC8KoYbEJ_VnZ2dnUVZ_qTinZ2d@giganews.com...
    > On 2008-04-13, Moog wrote:
    >> Sarah D. illuminated alt.os.linux.ubuntu by typing:
    >>> Does Kubuntu have a built-in firewall of some sort? I can completely
    >>> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    >>> it indicates that all my ports are closed except for a few that are
    >>> stealth.
    >>>
    >>> Sure would appreciate any insight into what's going on......

    >>
    >> I don't know too much about Kubuntu, but Ubuntu is pretty much locked
    >> down from the off.
    >>
    >> All (or very close to all) ports are only opened on a "per application"
    >> basis. For instance, Run firefox, port 80 will open. Close it. Port 80
    >> will close.

    >
    > Firefox does not listen on port 80. It does not open any local ports.


    Any application using the internet has to have ports open and receiving
    packets.
    Probably not port 80 I agree, but open.

    An application opened port can get a probe on that open port and the OS has
    to deal with it.
    Not dealing with it correctly has been the cause of many problems in the
    past and probably will in the future.
    It doesn't have to be a server to cause a problem, you could attack a client
    port if you knew/thought it would be running. They are just harder to find
    and you don't know which application is there unless you can snoop the
    connection.
    Any malformed (eg. not in the current connection) should be silently
    discarded.

    HTH.


  10. Re: firewall help please

    On Sun, 13 Apr 2008 23:29:27 -0500, nowshining wrote:

    > Well, the blocked ports/stealthed ports are mostly from ur ISP
    > blocking them at their end.


    Not hardly. For proof. install wireshark, get it started for your
    Internet nic, and run the port scan again. You will see the scan
    attempts on those ports proving ISP is not blocking the ports.

  11. Re: firewall help please

    don wrote:

    > Sarah D. wrote:
    >> Does Kubuntu have a built-in firewall of some sort? I can completely
    >> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    >> it indicates that all my ports are closed except for a few that are
    >> stealth.
    >>
    >> Sure would appreciate any insight into what's going on......


    How is the PC connected to the net?

    > Just a suggestion.
    > I have firewall turned off.
    > I rely on my Netgear ADSL broad band modem to protect my computer.
    > Steve Gibson's ShieldsUp utility gives me stealth all the way,
    > then complements that my box is so secure that it seems to be turned
    > off. I am open to being advised of any weakness here.


    http://lwn.net/Articles/253830/ :-)
    (security issues on British Telecom ADSL router)
    Not Netgear, but like with any device or computer with an operating
    system it is unlikely that any dsl router will be 100% fault free. And
    given the negligence shown by many companies regarding the default
    settings of these boxes (default admin accounts or default
    configuration as an open WLAN access point) I rather doubt that they
    care about the security of their code the way they are supposed to.
    So it might be a good idea to add a second barrier with a firewall on
    the PC connected to the router. Installing firestarter and setting it
    up for a simple network is fast and troublefree and might well be worth
    the moderate effort.

    GŁnther

  12. Re: firewall help please

    Sarah D. wrote:
    > Does Kubuntu have a built-in firewall of some sort? I can completely
    > turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
    > it indicates that all my ports are closed except for a few that are
    > stealth.
    >
    > Sure would appreciate any insight into what's going on......
    >

    Guarddog is not a firewall, it's just a firewall configuration utility.
    What do you mean by "completely turn off guarddog"?

    Guarddog DOES let you disable the firewall... did you try that?

+ Reply to Thread