Monday, July 04, 2005
Configure firewalls with Firestarter
July 4, 2005
Configure firewalls with Firestarter
Every computer needs a good firewall for protection against various threats on the Internet. One recommendation is to use a hardware-based device to protect your computer or network, but an "out-of-the-box" device is not always sufficient--it may not be powerful enough, or it may not require the features you need. Fortunately, Linux makes a secure firewall, and with some older hardware, you can set up a dedicated firewall system.
When you're working with a Linux firewall, manipulating iptables can be daunting. Even comprehensive packages like Shorewall require a fair amount of knowledge and time to configure. Using a GUI tool with a walk-through wizard, such as Firestarter, is typically much easier than fiddling with text-based configuration files and shell scripts. However, you should note that Firestarter still identifies iptables as a pre-requisite, because it simply configures iptables rules for your firewall.
Firestarter uses an intuitive GUI interface to explain, step-by-step, each item that's configured. The initial wizard tells Firestarter whether or not you use DHCP, whether or not to allow Internet Connection Sharing (which is a must if you use the machine as a dedicated firewall for your network), and which is the internet-connected interface.
Another nice feature about Firestarter is that you can define an outbound traffic policy, which allows you to be permissive or restrictive by default. You can fine-tune the services and sites that are denied or accessible. In addition, you can easily add a new rule by clicking on the list space in the Policy tab and selecting Add Rule. Common service names are listed for easy selection.
With a slick GUI and comprehensive help, both in the program and online, Firestarter is an excellent firewall management tool. To download or find out more information about Firestarter, visit this Web site.
Vincent Danen has been using Linux for nearly two years and obtained his Linux Administrator certification from Tekmetrics.com.
Configure firewalls with Firestarter
Every computer needs a good firewall for protection against various threats on the Internet. One recommendation is to use a hardware-based device to protect your computer or network, but an "out-of-the-box" device is not always sufficient--it may not be powerful enough, or it may not require the features you need. Fortunately, Linux makes a secure firewall, and with some older hardware, you can set up a dedicated firewall system.
When you're working with a Linux firewall, manipulating iptables can be daunting. Even comprehensive packages like Shorewall require a fair amount of knowledge and time to configure. Using a GUI tool with a walk-through wizard, such as Firestarter, is typically much easier than fiddling with text-based configuration files and shell scripts. However, you should note that Firestarter still identifies iptables as a pre-requisite, because it simply configures iptables rules for your firewall.
Firestarter uses an intuitive GUI interface to explain, step-by-step, each item that's configured. The initial wizard tells Firestarter whether or not you use DHCP, whether or not to allow Internet Connection Sharing (which is a must if you use the machine as a dedicated firewall for your network), and which is the internet-connected interface.
Another nice feature about Firestarter is that you can define an outbound traffic policy, which allows you to be permissive or restrictive by default. You can fine-tune the services and sites that are denied or accessible. In addition, you can easily add a new rule by clicking on the list space in the Policy tab and selecting Add Rule. Common service names are listed for easy selection.
With a slick GUI and comprehensive help, both in the program and online, Firestarter is an excellent firewall management tool. To download or find out more information about Firestarter, visit this Web site.
Vincent Danen has been using Linux for nearly two years and obtained his Linux Administrator certification from Tekmetrics.com.
# posted by MiDBA @ 7/04/2005 04:11:00 PM 
