Firewall - Page 4.9

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

An Introduction to UFW, Ubuntu’s ‘Uncomplicated’ Firewall

Iptables are the cornerstone for configuring firewalls and managing network traffic in Linux. For the uninitiated, iptables can be complex and intimidating. However, most Linux distributions provide simpler front-end interfaces to manage iptables rul...
Dec 31, 2023
  356

The Open Source Firewall – IPFire 2.27 – Core Update 173 Released: What’s New?

Get ready to experience the best of IPFire 2.27 – Core ...
Mar 01, 2023
  786
32.Lock Code Circular Esm H115

IPFire Hardened Linux Firewall Distro Is Now Powered by Linux Kernel 6.1 LTS

IPFire 2.27 Core Update 173 is out to introduce support...
Feb 28, 2023
  749
20.Lock AbstractDigital Circular Esm H115

Discover Firewalls News

LS Hmepg 337x500 34 Esm H200

Security Without Firewalls: Sensible Or Silly?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

For years, infosec experts have called the firewall a critical ingredient to security, whether it's in a large enterprise or on a home PC. But the San Diego Supercomputer Center (SDSC) has defied that logic with what some would consider surprising success. Abe Singer, computer security manager for the SDSC's Security Technologies Group, explained how companies can maintain strong firewall-free security at the 2006 USENIX Annual Technical Conference Thursday. He has also produced a presentation (.pdf) on the subject.

LS Hmepg 337x500 34 Esm H200

MicroWorld to Launch Futuristic Network Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

MicroWorld Technologies launched its futuristic, enterprise class firewall eConceal. eConceal is a comprehensive network firewall developed to prevent unauthorized access to a computer or network connected to the Internet. It enforces a boundary between two or more networks by implementing default or user-defined Access Control Policies or Rules. These rules function as filters by analyzing data packets to see if they fulfill the filter criteria and then allow or block the traffic accordingly.

LS Hmepg 337x500 34 Esm H200

Test-driving RouterOS 2.9

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Would you like to have a Linux-based router capable of doing tasks such as stateful firewall inspection, virtual private networking, and traffic shaping, in addition to packet routing? Tired of having to do administration from the command line but want to be able to administer your box from a Windows-based client PC? MikroTik's RouterOS may what you need. You can boot RouterOS via diskette, CD, or over the network via PXE or Etherboot-enabled network interface card. You can find a full list of RouterOS technical specifications at the homepage.

LS Hmepg 337x500 34 Esm H200

How To Test Your Linux-Distro Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Recently, I wrote an article about "How to scan your Linux-Distro for Root Kits". Now that the machine is... clean! I think, a good thing TO-DO, is to test my Firewall (AGAIN!) The good news are that we can use the free tool FTester. The bad news are that FTester needs to be configured right...So...Let's get to work!

LS Hmepg 337x500 34 Esm H200

Firewall Migration

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When birds migrate, they expend a huge amount of energy winging their way from one place to another, depending on sheer endurance to complete the journey safely. And so, it seems, it goes with with security managers faced with swapping out their gateway firewalls. Firewall migration for mid- to large-sized enterprises in particular appears to be a lengthy project indeed when organizations migrate from one vendor's firewall to another since by all accounts, firewall product design differs substantially. Our story this week looks at the topic.

LS Hmepg 337x500 34 Esm H200

All-in-one Linux Firewall touts ease of use, advanced features

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you haven't checked out Endian Firewall yet, download the code and give it a try. Endian Firewall is a packaged Linux security distribution that combines several open source firewall, VPN and anti-virus packages with a hardened Linux operating system. There are many Linux security appliance packages out there, so Endian is hoping to differentiate its distribution with ease-of-use management and set-up features. According to the developers' Web site, the "turn-key" package was created with "usability in mind ... without losing its flexibility." A set of browser-based wizards is used for setup, configuration and maintenance, and the software can be installed via the RPM package manager standard.

LS Hmepg 337x500 34 Esm H200

Roll Your Own Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Over the years I have learned how to roll my own firewall script and call it from /etc directory. Of course, my firewall is only INPUT based, instead of INPUT and OUTPUT based, but I find that building an INPUT/OUTPUT based firewall is tremendously difficult and not really all that necessary if you use good download practices on your Linux server or PC and/or if you're already behind a NAT router (such as a home-based DSL or cable router or wireless router) or other firewall.

LS Hmepg 337x500 34 Esm H200

Review: Advancing Firewall Protection

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With more than one million users, U.K.-based SmoothWall’s Firewall may just be the most popular software firewall that has yet to become a household name. Test Center engineers recently took at look at products from SmoothWall to see what all the buzz is about and to see exactly why one million users have chosen the product.

LS Hmepg 337x500 34 Esm H200

Adaptive Firewalls with iptables

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Up until now, we've looked at stateless and stateful firewalls. Remember, stateless firewalls only have the features of a given packet to use as criteria for whether that packet should be passed, blocked, or logged. With a stateful firewall, in addition to the fields in that packet, we also have access to the kernel's table of open connections to use in deciding the fate of this packet. There's a problem, though. Picture an attacker that has launched attacks against almost every port on our web server box for the past half hour. The firewall has successfully repelled all of them, but now the attacker turns her attentions to port 80. All of the hostile overflow attempts are let through unhindered. Why? Because the firewall ruleset allows all traffic to the web server through, and our firewall can't remember the fact that this IP address has been pounding all the other ports on the system.

LS Hmepg 337x500 34 Esm H200

Help's A Firewall Away

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Flash back to December 2002. Barely in his 20s, self-taught network engineer and help-desk staffer Joel Bomgaars is frustrated because firewalls prevent him from accessing PCs of users needing help. At his cubical at systems integrator Business Communications Inc., he has an epiphany: Instead of accessing the user's computer, have the user request help by going to a Web site. That would clear the firewall hurdles, because firewalls only block incoming messages. The idea worked, and Bomgaars was able to connect with a user within 10 seconds.

LS Hmepg 337x500 34 Esm H200

Free Tool for Netfilter Announced

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In an effort to support the open source community, Solsoft Inc., the leading provider of network security policy management software, today announced its Solsoft NetfilterOne, a graphical interface that will automate the design, deployment and documentation of security rules and policies as they pertain to a networked netfilter firewall.

LS Hmepg 337x500 34 Esm H200

IptablesWeb v.1.0

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

IptablesWeb is a free software (under GPL licence): it makes possible to inspect iptables logs by using a web browser. It's a plugin-based multilanguage software written in PHP using 3 free php classes. More information: IptablesWeb

LS Hmepg 337x500 34 Esm H200

Creating info society: Broadband and info security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The explosion of spamming, hoaxes and cyber attacks has highlighted just how vulnerable users are to security breaches and the steps they need to take to protect themselves. While both dial-up and broadband connections can be affected by such security breaches, an always-on broadband connection is undoubtedly an easier target. This is because the always-on nature of a broadband connection means that attacks and hacking can happen around the clock, raising the stakes by comparison with a computer that is only on for short periods. Luckily, there are many tools available to make broadband connections secure and attractive to users and potential users.

LS Hmepg 337x500 34 Esm H200

The Death Of A Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Three years ago, I proposed to our technology architects that we eliminate our network firewalls. Today, we're close to achieving that goal. Back then, I thought that network-based firewalls were losing their effectiveness, enabling a mind-set that was flawed. Today, I'm certain.

LS Hmepg 337x500 34 Esm H200

What is the Best Firewall for Servers?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

I maintain a bunch of servers at our labs in the university. Of late, the number of attacks on the computers has been more noticeable. The university provides firewall software (Kerio) but that doesn't work with Win 2003. And so we keep getting hit by zombie machines taken over in the Education Department or from Liberal Arts. So what does the Slashdot crowd use when they need to secure their Linux and Windows servers? Does it cost less than US $100?

LS Hmepg 337x500 34 Esm H200

Endian Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Endian Firewall is a turn-key Linux security distribution based on IPCop that turns a system into a security appliance. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP) with anti-virus support, virus and spam filtering for E-mail traffic (POP and SMTP), content filtering of Web traffic and VPN (based on OpenVPN).

LS Hmepg 337x500 34 Esm H200

Sentry CD - A different firewall approach

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you want to set up a Linux-based firewall, there's no need to run a bloated distribution that installs everything but the kitchen sink. If you are not afraid to get your hands dirty, and like having total control over your system, then Sentry Firewall CD (SFCD) is just what you need. It is a highly configurable, bootable CD that takes a minimalist approach to firewalling.

LS Hmepg 337x500 34 Esm H200

Shorewall lead developer quits

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It is with regret that I announce that Shorewall development and support is officially ended. Unlike the originators of other successful open source projects, I have not been able to attract a core of people who believe in Shorewall and who are willing to make sacrifices to ensure it's success. That is my weakness and I accept it. But is means that I have been left with trying to develop, document, and support Shorewall almost single-handedly. I cannot do it any more.

LS Hmepg 337x500 34 Esm H200

Three tools to help you configure iptables

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Every user whose client connects to the Internet should configure his firewall immediately after installation. Some Linux distributions include firewall configuration as a part of installation, often offering a set of defaults configurations to choose from. However, to ensure that your machine presents the minimum "attack surface" (a measure of the number of vulnerable ports, user accounts, and sockets exposed to attack) to the predatory inhabitants of the Internet, you may need to do some manual configuration of your firewall. Here are three tools that can help.

LS Hmepg 337x500 34 Esm H200

European security appliance sales soar

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Demand for security appliances is going through the roof, with western European sales of the devices predicted to reach over $1.4bn in 2009, up from around $625m in 2004. According to a newly released IDC study, the sector is growing at a compound annual growth rate of 18 per cent.

Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved