do i need a firewall for opensuse?? and if yes which is good one ???
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Opensuse comes with one, and it is enabled by default.
Good luck.
offshore wrote:
> do i need a firewall for opensuse?? and if yes which is good one ???
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIvu853s42bA80+9kRAjhYAJwO8i7AtZj2Brx95XYoxinvnXM5FQCfRwi/
euiOlAaCRV3fblbkwNeEnNo=
=hUyg
-----END PGP SIGNATURE-----
i knew this, i said that question because after a scan i did with nmap i found 4 open ports which means that the the default firewall isnt that good
No, what it really means is that you don’t know what you’re talking about. If you did, you would have specified the ports and the services that were running on them.
Now, if you can settle down a bit, and refrain from unsupported accusations, please tell us what the exact output was from nmap, and I’m sure someone will be glad to tell you what the services are.
What you need to realize is that in Linux, as with other Unix-type machines, several programs (such as the graphical server) operate in a client-server fashion. In other words, you have the client and server on your system, and they sometimes communicate via TCP.
Scanning your IP from afar would give you a different result.
Hi
So disable the services if they are not needed?
–
Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.0 x86 Kernel 2.6.25.11-0.1-default
up 4 days 16:15, 1 user, load average: 0.20, 0.10, 0.15
GPU GeForce 6600 TE/6200 TE - Driver Version: 173.14.12
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Agreed… the default firewall blocks all ports. The fact that ports
may be listening on the server itself (before the firewall is
implemented between the server and the outside world) means nothing
since every computer you’ve ever touched had open ports out of the box
by default. If you are thinking somebody is going to find out about
your box by running nmap from the box itself you’re a bit confused… if
they have enough access to do that you’ve already lost.
Good luck.
wnj92996 wrote:
> offshore;1866657 Wrote:
>> i knew this, i said that question because after a scan i did with nmap i
>> found 4 open ports which means that the the default firewall isnt that
>> good
>
> No, what it really means is that you don’t know what you’re talking
> about. If you did, you would have specified the ports and the services
> that were running on them.
>
> Now, if you can settle down a bit, and refrain from unsupported
> accusations, please tell us what the exact output was from nmap, and I’m
> sure someone will be glad to tell you what the services are.
>
> What you need to realize is that in Linux, as with other Unix-type
> machines, several programs (such as the graphical server) operate in a
> client-server fashion. In other words, you have the client and server
> on your system, and they sometimes communicate via TCP.
>
> Scanning your IP from afar would give you a different result.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIvvtC3s42bA80+9kRAgxgAJ9l2xc6r1aOE8z4byL5d3iBt/hT3wCdEVQc
UeQo78UcbxpHd6qJ/f8BAXc=
=OJW1
-----END PGP SIGNATURE-----
That is one of the more interesting comments I’ve heard about firewalls.
True. However, with all due respect to the OP, I believe it is because people in general have a misconception about what a firewall really is and what it is really supposed to do.
I understood that; I guess what I was really talking about the degree of misunderstanding.
Of course, you can’t win any prizes no matter what you do. In Suse before 11.0 the firewall pretty much locked off everything. Folk took issue with that. Now with a few strategic necessities open in 11.0 (e.g. Samba server), people are finding fault with that too.
@offshore: I suppose the thing to take on board is that SuSEfirewall2 (strange name that) is an industry leader – but like all useful multipurpose utilities, you have to configure it to suit your needs.