Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

Linux Firewall - Page 6

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

We’ve all run into UFW on Linux systems that were already in use. When firewall problems show up, they almost never show up in new or surprising ways.  We at Linux Security want to help other admins recognize the kind of UFW problem they’re dea...

On most long-running Linux servers, UFW rules don’t get...

 UFW looks simple until you put it on a long-lived...

Discover Firewalls News

LS Hmepg 337x500 34 Esm H267

Joel Bomgaars' Web-Based Remote Support Solution Breakthrough

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Flash back to December 2002. Barely in his 20s, self-taught network engineer and help-desk staffer Joel Bomgaars is frustrated because firewalls prevent him from accessing PCs of users needing help. At his cubical at systems integrator Business Communications Inc., he has an epiphany: Instead of accessing the user's computer, have the user request help by going to a Web site. That would clear the firewall hurdles, because firewalls only block incoming messages. The idea worked, and Bomgaars was able to connect with a user within 10 seconds.

LS Hmepg 337x500 34 Esm H267

Solsoft NetfilterOne: Centralized Firewall Management Solution

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In an effort to support the open source community, Solsoft Inc., the leading provider of network security policy management software, today announced its Solsoft NetfilterOne, a graphical interface that will automate the design, deployment and documentation of security rules and policies as they pertain to a networked netfilter firewall.

LS Hmepg 337x500 34 Esm H267

Strategies To Improve Broadband Security And User Protection

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The explosion of spamming, hoaxes and cyber attacks has highlighted just how vulnerable users are to security breaches and the steps they need to take to protect themselves. While both dial-up and broadband connections can be affected by such security breaches, an always-on broadband connection is undoubtedly an easier target. This is because the always-on nature of a broadband connection means that attacks and hacking can happen around the clock, raising the stakes by comparison with a computer that is only on for short periods. Luckily, there are many tools available to make broadband connections secure and attractive to users and potential users.

LS Hmepg 337x500 34 Esm H267

Top Firewall Solutions for Linux and Windows Server Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

I maintain a bunch of servers at our labs in the university. Of late, the number of attacks on the computers has been more noticeable. The university provides firewall software (Kerio) but that doesn't work with Win 2003. And so we keep getting hit by zombie machines taken over in the Education Department or from Liberal Arts. So what does the Slashdot crowd use when they need to secure their Linux and Windows servers? Does it cost less than US $100?

LS Hmepg 337x500 34 Esm H267

Endian Firewall: A Turn-Key Linux Security Solution With VPN And Antivirus

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Endian Firewall is a turn-key Linux security distribution based on IPCop that turns a system into a security appliance. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP) with anti-virus support, virus and spam filtering for E-mail traffic (POP and SMTP), content filtering of Web traffic and VPN (based on OpenVPN).

LS Hmepg 337x500 34 Esm H267

Learn to Configure Sentry Continuous Delivery for Linux Firewall Solutions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you want to set up a Linux-based firewall, there's no need to run a bloated distribution that installs everything but the kitchen sink. If you are not afraid to get your hands dirty, and like having total control over your system, then Sentry Firewall CD (SFCD) is just what you need. It is a highly configurable, bootable CD that takes a minimalist approach to firewalling.

LS Hmepg 337x500 34 Esm H267

Shorewall Project Shutdown: Community Support and Next Steps

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It is with regret that I announce that Shorewall development and support is officially ended. Unlike the originators of other successful open source projects, I have not been able to attract a core of people who believe in Shorewall and who are willing to make sacrifices to ensure it's success. That is my weakness and I accept it. But is means that I have been left with trying to develop, document, and support Shorewall almost single-handedly. I cannot do it any more.

LS Hmepg 337x500 34 Esm H267

Top Tools for Configuring Iptables Firewall Effectively

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Every user whose client connects to the Internet should configure his firewall immediately after installation. Some Linux distributions include firewall configuration as a part of installation, often offering a set of defaults configurations to choose from. However, to ensure that your machine presents the minimum "attack surface" (a measure of the number of vulnerable ports, user accounts, and sockets exposed to attack) to the predatory inhabitants of the Internet, you may need to do some manual configuration of your firewall. Here are three tools that can help.

LS Hmepg 337x500 34 Esm H267

Deep Inspection Firewalls: Revolutionizing Enterprise Network Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If it were on public display, this portion of our Firewall Blowout would be the geek equivalent of the Chicago Auto Show. Our Chicago Neohapsis partner labs focused on the muscle cars: enterprise-class, gigabit-capable network firewall appliances and turnkey systems that support high-availability stateful failover, VPNs and centralized management as well as DI (deep inspection), which we define as having the ability not only to perform stateful packet filtering, but also to inspect packet payloads higher up the OSI model using specific attack signatures and Layer 7 protocol engines.

LS Hmepg 337x500 34 Esm H267

Exploring Firewall Technology As A Standalone Security Solution

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Once they were border controls, then customs and excise, now they are the police, the fire brigade and the health service. Can the firewall become the sole security device in the enterprise? Zaphod Beeblebrox, the two-headed anti-hero of Douglas Adams’ Hitchhiker’s guide to the galaxy, wears the future of firewalls on his head. His Joo Janta 200 Super-Chromatic Peril Sensitive Sunglasses turn black at the first hint of danger. This saves him from witnessing frightening events, so he remains cool and un-panicked in a dangerous universe.

LS Hmepg 337x500 34 Esm H267

Guardian Digital Firewall Launch: A New Era in Internet Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Guardian Digital, Inc., a leader in open source security products, today announced the release of a new firewall product that will revolutionize internet security as we know it, forever. Guardian Digital CEO Dave Wreski explains, "Our new product works differently from most other firewalls on the market, which can possibly allow dangerous packets into protected networks. Our technical wizards realized that all virus, worm, and malware authors use dangerous 'zeroes' in their binary code, therefore our new firewall product blocks all 'zeroes' while allowing the friendly, useful 'ones' through."

LS Hmepg 337x500 34 Esm H267

Choosing Between Floppyfw And Coyote Linux Firewalls For Home Use

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When you look in your closet, do you see a pile of obsolete hardware that you just cannot bring yourself to throw out, despite the pleas of your family? If you want to share your home Internet connection and save a little money at the same time, dust off that old hardware and set up a Linux-based firewall. All you need is a 486 or better processor, two network adapters (only one if you're on dial-up), a switch or hub, diskette drive, and 12MB of RAM. In this article, we'll take a look at floppyfw and Coyote Linux, two free, open source projects that have shrunk Linux down to diskette size to implement a firewall.

LS Hmepg 337x500 34 Esm H267

Astaro Security Linux 5.1 Review: Advanced Firewall Management Interface

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

One of the more popular uses for Linux is as a router/firewall to secure a local area network (LAN) against intruders and share an Internet connection. Several specialized distributions have sprung up to simplify this task. These range from small, diskette-based distros like the Linux Router Project and FREESCO to larger systems requiring a hard disk installation. Among the latter is Astaro Corp.'s Astaro Security Linux (ASL) 5.1, which I recently reviewed as part of ongoing research into content filtering products. ASL is an RPM-based distribution that allows an administrator to easily turn an x86 PC or server into a router/firewall appliance.

LS Hmepg 337x500 34 Esm H267

Firewall Systems: Adapt to Managed Security or Lose Market Share

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Specialist distributor, Firewall Systems, is warning resellers to start thinking of security as a managed service or risk losing market share to physical security providers. Firewall marketing director, Nick Verykios, said physical security players such as Chubb were already providing IP-based services, adding data to their stack as the markets continued to converge.

LS Hmepg 337x500 34 Esm H267

Analyzing Firewall Approaches in Banking and University Settings

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Internet front door to almost every bank and financial services company in the world is guarded by two sets of firewalls defining a DMZ. Nearly every e-commerce site sits in a similar DMZ in what has become the de facto standard in Web security architecture. According to Sun Microsystems, "In today's tumultuous times, having a sound firewall/DMZ environment is your first line of defense against external threats." But I would argue that guarding the perimeter is lulling organizations into a false sense of security that results in ignoring the implementation of other security mechanisms in their applications and databases.

Your message here