24.10.2025, 09:21 UhrDeutsch | English
Hallo Gast [ Registrierung | Anmelden ]

Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
Autor Nachricht
ekp
Titel: Firewall necessary?  BeitragVerfasst am: 28.05.2006, 15:27 Uhr



Anmeldung: 13. Feb 2005
Beiträge: 87

My Kanotix has closed ports by default. They however are not stealthed. To get there I have installed firestarter and am completely stealthed. I do see however a performance drop on connecting to an IP. Xchat is almost immediately connected without it but very slow in connecting with it.

On your basic Home Desktop is firewalling all that necessary?
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
devil
Titel: Firewall necessary?  BeitragVerfasst am: 28.05.2006, 16:22 Uhr
Team Member
Team Member


Anmeldung: 06. Mai 2005
Beiträge: 3087
Wohnort: berlin
i never use one, i am behind a router with NAT.

greetz
devil

_________________
<<We are Xorg - resistance is futile - you will be axximilated>>

Host/Kernel/OS "devilsbox" running[2.6.19-rc1-git5-kanotix-1KANOTIX-2006-01-RC4 ]
CPU Info AMD Athlon 64 3000+ clocked at [ 803.744 MHz ]
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
ironwalker
Titel: RE: Firewall necessary?  BeitragVerfasst am: 06.06.2006, 04:08 Uhr



Anmeldung: 21. Jan 2005
Beiträge: 454
Wohnort: NYC/NJ Area
I don't use one on my linux workstation.....I do use tcpspy and it shows on desktop with root-tail'ing proper log files,every connection in or out includeing failed ones.
Of course,you have to watch it constantly to stop anything suspicious but I dont expect anything suspicious.

I wouldnt mind stopping outgoing connections I didnt want going out,but I dont think I'd have many with linux just yet.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
rich.bradshaw
Titel: RE: Firewall necessary?  BeitragVerfasst am: 06.06.2006, 09:02 Uhr



Anmeldung: 14. Jan 2006
Beiträge: 287

I forward port 22 to my PC using my router, then use firestarter to restrict the IP addresses allowed to connect to it to computers I want to be able to connect. Though that's really an unneccessary step - I have disabled root login and have a pretty strong password.

If I didn't have a router though, I would use firestarter to block everything except port 22 for the computers I want.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
markb
Titel: Re: RE: Firewall necessary?  BeitragVerfasst am: 06.06.2006, 13:17 Uhr



Anmeldung: 09. Aug 2004
Beiträge: 121
Wohnort: Brisbane Australia
rich.bradshaw hat folgendes geschrieben::
I forward port 22 to my PC using my router, then use firestarter to restrict the IP addresses allowed to connect to it to computers I want to be able to connect. Though that's really an unneccessary step - I have disabled root login and have a pretty strong password.

Do you realise you can just set "Allowusers *@here.com *@heretoo.com me@my.com ... etc" in your sshd_config?
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
rich.bradshaw
Titel: RE: Re: RE: Firewall necessary?  BeitragVerfasst am: 06.06.2006, 17:18 Uhr



Anmeldung: 14. Jan 2006
Beiträge: 287

yeah, I probably would be better off doing that... There was an article somewher e the other day about firewall less security. It seems a good idea, make things secure instead of covering them with something secure, but leaving them unprotected otherwise, if you see what I mean!
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Beiträge vom vorherigen Thema anzeigen:     
Gehe zu:  
Alle Zeiten sind GMT + 1 Stunde
Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
PNphpBB2 © 2003-2007 
 
Deutsch | English
Logos and trademarks are the property of their respective owners, comments are property of their posters, the rest is © 2004 - 2006 by Jörg Schirottke (Kano).
Consult Impressum and Legal Terms for details. Kanotix is Free Software released under the GNU/GPL license.
This CMS is powered by PostNuke, all themes used at this site are released under the GNU/GPL license. designed and hosted by w3you. Our web server is running on Kanotix64-2006.