Firewall - Page 11

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

An Introduction to UFW, Ubuntu’s ‘Uncomplicated’ Firewall

Iptables are the cornerstone for configuring firewalls and managing network traffic in Linux. For the uninitiated, iptables can be complex and intimidating. However, most Linux distributions provide simpler front-end interfaces to manage iptables rul...
Dec 31, 2023
  356

The Open Source Firewall – IPFire 2.27 – Core Update 173 Released: What’s New?

Get ready to experience the best of IPFire 2.27 – Core ...
Mar 01, 2023
  786
32.Lock Code Circular Esm H115

IPFire Hardened Linux Firewall Distro Is Now Powered by Linux Kernel 6.1 LTS

IPFire 2.27 Core Update 173 is out to introduce support...
Feb 28, 2023
  749
20.Lock AbstractDigital Circular Esm H115

Discover Firewalls News

LS Hmepg 337x500 34 Esm H200

Running Your Firewall in runlevel 0

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mike Murray describes how he patched the 2.2 Linux kernel to run an ipchains packet filtering firewall when the machine is halted. "As systems administrators, it's often funny how new and interesting information ends up in our hands. Sometimes, it's through an intentional course of study; other times, it seems to arrive by accident. That's exactly how the concept of using a halted Linux computer as a firewall occurred to me. . . .

LS Hmepg 337x500 34 Esm H200

Inside the Linux Packet Filter

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In Part I of this two-part series on the Linux Packet Filter, Gianluca describes a packet's journey through the kernel. Network geeks among you may remember my article, ``Linux Socket Filter: Sniffing Bytes over the Network'', in the June 2001 issue of LJ, regarding the use of the packet filter built inside the Linux kernel.. . .

LS Hmepg 337x500 34 Esm H200

Use Linux firewall to fend off hackers

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A firewall is software that prevents the flow of Internet traffic. Businesses and large network administrators use firewalls to contain traffic and maintain security. Firewalls keep traffic out, or they keep it in. A simple firewall configuration for most home users would block all outside traffic not generated at the users' request.. . .

LS Hmepg 337x500 34 Esm H200

Building a Linux Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The 2.4 Kernel of Linux has a great tool called netfilter, which is a framework for creating firewalls. Many new Linux distributions such as RedHat 7.1 come with basic firewall rulesets that allow you to automatically create low, medium, or high . . .

LS Hmepg 337x500 34 Esm H200

PCX IP Tables Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

PCX Firewall is a perl script which works with several configuration files to generate 3 shell scripts (startfw, stopfw, and restartfw) which actually do the real work of the firewall. The design goal was to develop a complete IPTables based . . .

LS Hmepg 337x500 34 Esm H200

Reverse firewall dams DoS flood

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In a bid to fight the growing menace from computer and router-based denial of service (DoS) attacks, security firm have developed a technique to dam the DoS data flood at source. Using funding from the Defence Advanced Research Projects Agency . . .

LS Hmepg 337x500 34 Esm H200

Defense Mechanisms

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There's no question that firewalls are a key weapon in the IT arsenal. From a business perspective, the case for purchasing the right firewall for the job at hand is simple: Downtime costs money. Lost data costs money. A hacked site . . .

LS Hmepg 337x500 34 Esm H200

Guide to Firewall Selection and Policy Recommendations

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A draft of the Guide to Firewall Selection and Policy Recommendations (.pdf format) is now available for public comment. This document is intended for technical managers in the firewall and network security areas, but it would also prove useful to those wishing to know more about firewall technology and recommended policies. . . .

LS Hmepg 337x500 34 Esm H200

Transparent Proxying with Squid

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Transparent proxying frees you from the hassle of setting up individual browsers to work with proxies. If you have a hundred, or a thousand, users on your network, it's a pain to set up each browser and to use proxies -- or to try to convince users to go into their preferences and type in these symbols they don't understand.. . .

LS Hmepg 337x500 34 Esm H200

Firewalls not perfect but needed these days

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With the numbers of hackers and viruses these days, everyone who has a computer that's connected to a network -- including the Internet -- should have a firewall or be running behind one. This is a Q&A sessions about firewalls with . . .

LS Hmepg 337x500 34 Esm H200

Netfilter and iptables: Stateful firewalling for Linux

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

... the latest Linux kernel, version 2.4, offers a number of improvements over the 2.2 kernel that make Linux a viable alternative for corporate firewalls. Netfilter, Linux's in-kernel "packet mangling" infrastructure, and iptables, the administrative tool that manages it, represent a . . .

LS Hmepg 337x500 34 Esm H200

10 minutes to an iptables-based Linux firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The 2.2 version of the Linux kernel used the ipchains application to control the firewall. For standard firewalling, ipchains is a decent solution. We still use it on some of our machines, and there is still a positive argument for 2.2 . . .

LS Hmepg 337x500 34 Esm H200

FTP and NAT: solutions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The FTP protocol has strange peculiarities that make working behind a firewall somewhat difficult if not quite impossible. This document explains the problem, and solutions for both client and server behind a gateway doing NAT. AFAIK, it's the first time a solution is proposed for the server. Details of this solution are given for OpenBSD.. . .

LS Hmepg 337x500 34 Esm H200

Taming the Wild Netfilter

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

For those of you who have taken the plunge and upgraded from kernel 2.2.X (or even 2.0.X) to 2.4.X, congratulations. If, like a number of folks, you're running some form of firewall using either ipchains or ipfwadm, your scripts may work . . .

LS Hmepg 337x500 34 Esm H200

IPFilter on OpenBSD

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

What is IPFilter? Very simply, a package for permitting (or passing) and denying IP packets based on a range of criteria. It can also provide Network Address Translation (NAT) services, if desired. The IPFilter web site has more details. . . .

LS Hmepg 337x500 34 Esm H200

The Firewall Fetish

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firewalls are the bestsellers of tech security, cheap, formulaic and popular. Like a good paperback, they offer a pleasant escape from reality. An entire generation of business executives has come of age trained on the notion that firewalls are the . . .

LS Hmepg 337x500 34 Esm H200

Commenting a firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hopefully, this article will help you understand the principle of building a custom firewall. The firwall used for this article is pretty good, and you can use it, since you can adjust it to your needs as it is well commented. It is ideal for your home network. Just copy it, chmod it and off you go.. . .

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved