Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Question about the included firewall

  1. #1

    Default Question about the included firewall

    Windows newbie here trying to learn Linux for an eventual switch. I installed openSUSE 11.3 on my spare pc since this will be my preferred OS. I looked at the firewall and it's working, has all my netowork hardware outside, etc etc

    One thing in Windows is that I could see the firewall working. Whenever it blocked access to some port, the red light would go off in the taskbar icon ... green light for allowed access. Whenever a new program (actually I had it set up for every single program) wanted to access the internet, it would ask:

    "Firefox is trying to access the internet. Allow?"
    "VLC Player is trying to access the internet. Allow?"

    On the suse Firewall, I can't seem to figure out how to show alerts for blocked port requests or how to have programs ask for permission before being able to access the net. Just from a paranoia perspective, I prefer to have full control over all the program's access to the internet.

    At first, I thought it just trusted all the programs that came stock with the OS such as Firefox ... but I've been installing more progs like VLC player and notice they have instant internet access too.

    thnx for any help

  2. #2

    Default Re: Question about the included firewall

    I think firewalls on windows ask if a program can do stuff mostly for viruses, and there aren't very many linux viruses. In linux I think you mostly just need to make sure you don't give root access to stuff like that (if you can even find it), and you'll be fine. Anyways I'm not the most knowledgeable person about linux so it would probably be good to get another opinion.

    I don't have time to look in detail, but I may have found what your looking for. Go into YaST and look at "Security and Users -> Firewall."

    You might also look at Novel AppArmor, but I have no idea what that is.

  3. #3
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Question about the included firewall

    NewbieLLP wrote:
    > Windows newbie here trying to learn Linux for an eventual switch. I
    > installed openSUSE 11.3 on my spare pc since this will be my preferred
    > OS. I looked at the firewall and it's working, has all my netowork
    > hardware outside, etc etc
    >
    > One thing in Windows is that I could see the firewall working.
    > Whenever it blocked access to some port, the red light would go off in
    > the taskbar icon ... green light for allowed access. Whenever a new
    > program (actually I had it set up for every single program) wanted to
    > access the internet, it would ask:
    >
    > "Firefox is trying to access the internet. Allow?"
    > "VLC Player is trying to access the internet. Allow?"
    >
    > On the suse Firewall, I can't seem to figure out how to show alerts for
    > blocked port requests or how to have programs ask for permission before
    > being able to access the net. Just from a paranoia perspective, I
    > prefer to have full control over all the program's access to the
    > internet.
    >
    > At first, I thought it just trusted all the programs that came stock
    > with the OS such as Firefox ... but I've been installing more progs like
    > VLC player and notice they have instant internet access too.
    >
    > thnx for any help
    >
    >

    this is true: in general, a completely default install of openSUSE and
    its default firewall (though without blinking red/green lights or your
    direct involvement giving permission to contact the net) is MORE
    secure and safe from bad stuff than what you used to use, even with a
    very expensive program that gave you all kinds of feeling of being
    _involved_ in staying secure..

    so, you are already better off than you were....relax a little and
    enjoy that as you learn what user practices can wreck the most glitzy
    flashing lights--like, browsing around as root, or installing software
    from unknown/untrusted sources, or using easy passwords, or using the
    same password for the user and root, or giving your root password to
    anyone else..

    my root password looks something like this: Kl_i#o108OR

    --
    Enjoy Packman's benefits? Show your appreciation by donating at
    http://se.unixheads.org/?donate

    DenverD
    CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

  4. #4

    Default Re: Question about the included firewall

    So basically the general consensus is don't worry about it because linux is more secure? Thats probably going to come slow and hard for me comming from a windows background. I bet the hardest thing won't be learning linux etc but just gradually relaxing my security standards. So how do you guys know what programs access what? For instance I would have never known Opera browser tries to accept connections from the internet (I always click no and it works just fine with only clicking "yes" for "Allow to connect to the internet"). I would have never known it was trying to accept connections if it wasn't for that firewall popup.

    Quote Originally Posted by DenverD View Post
    user practices can wreck the most glitzy
    flashing lights--like, browsing around as root, or installing software
    from unknown/untrusted sources, or using easy passwords, or using the
    same password for the user and root, or giving your root password to
    anyone else..
    Great advice (for any OS)
    openSUSE 11.3 (KDE)

  5. #5
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Question about the included firewall

    My take is that the open source community is more upfront about what their software does and I'm satisfied that the accesses that is are made are ok by me. Opera is not open source by the way. But if you have a border firewall, that access (which I believe is a sort of mini website feature) should be ineffectual. Windows however has UPNP where apps could open up the firewall, in the name of convenience.

    So I see the risk as not so much the platform as the apps that are run on the platform.

    With my policy I spend less time micromonitoring apps and more time having fun.

    Mind you, monitoring access by application is still very crude. When you browse a page in your web browser, who knows what sites it picks up in images, popups, etc. You are basically trusting that your web browser is as secure as can be up to that point. Which is why there are so many security updates to Firefox etc. as new possible holes are discovered.

    But if restriction by app is your thing, you could check out nufw technology: NuFW Project Homepage where outside access is trapped and has to be authenticated. Not exactly a weekend project though.

  6. #6
    Join Date
    Sep 2009
    Location
    India
    Posts
    24

    Default Re: Question about the included firewall

    While I agree about the security aspects of Linux, is there a way to identify applications phoning in home?

    It could be even applications such as Java that seek periodic updates - can we monitor those?

  7. #7
    Join Date
    May 2009
    Location
    Essex. England, UK, EU
    Posts
    56

    Default Re: Question about the included firewall

    I think NewbieLLP requires some psychological support during the conversion from Windoze to Linux. The latest Windoze version asks lots of questions such as "did you start this program?", "Are you sure?" etc etc and the red/green lights and these things give the user a feeling that they are being protected.

    AppArmour (AppArmor - Wikipedia, the free encyclopedia - for starters) does all this without asking silly questions. Linux is far more secure due to its architecture but this is not obvious at first. So it might appear from the M$ users point of view that Linux is doing nothing to keep you secure.

    To tell a M$ user "don't worry Linux just does it" might not help a newbie - even if it is true. The user intervention is missing and so is the feeling that it is okay. As DenverD says above, if you spend all that money on antivirus and a firewall - you can only hope that it works. Otherwise you have wasted your money and your time.

    Enjoy linux and the fact that your browser is twice as fast as the Doze version as it is not checking everything that comes in for attack. It does just work.

  8. #8
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Question about the included firewall

    mailglasso wrote:
    > is there a way to identify applications phoning in home?


    wireshark can be used to "capture" all traffic in and out of your
    machine...such would allow you to 'see' who is calling where and when..

    note: there is a LOT of stuff going on, you will have to filter out
    all the ho-hum to have any chance to 'catch' some "phone home" activity..

    my advice is to *always* use common security practices (strong root
    pass, etc etc etc etc) and then _relax_ some as you *always* use open
    source.....which give you thousands of eyes looking at the source code
    seeking malicious intent..

    on the other hand, use proprietary and closed source with GREAT caution..

    ps: i've never run wireshark...and, i've not run any anti-AV or
    anti-malware since i left M$ in 1995 (but, i am behind a firewall/NAT
    router, etc)....ymmv

    --
    DenverD
    CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

  9. #9
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Question about the included firewall

    clatworthy wrote:
    > I think NewbieLLP requires some psychological support during the
    > conversion from Windoze to Linux.


    i freely admit that by running away from Redmond in 1995 i was spared
    from a constant anguish and fear of being overrun and invaded by
    hoards of virii/viruses and malware..

    and i appreciate that i should try to build up a level understanding
    of the tremendous apprehension and fright common among M$ users prior
    to advising new folks here on how to break their habit of being
    constantly on alert for the next big attack wave wanting to co-opt
    their machine for yet more zombie bot-net duty..

    hmmmmm, if i were a programmer i'd make a program with blinking
    lights, asking questions like "Is it ok with you that Firefox is
    checking to see if there are new add-ons available?" or, "Will you
    allow YaST to check for new software?" and etc..

    and, i'd charge about $10 per year per user and considering how
    willing many are to pay to "feel" secure and in control, i'd guess i
    be soon very rich..

    --
    DenverD
    CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

  10. #10
    Join Date
    Aug 2008
    Location
    Seattle, WA
    Posts
    1,376

    Default Re: Question about the included firewall

    Quote Originally Posted by DenverD View Post
    this is true: in general, a completely default install of openSUSE and
    its default firewall (though without blinking red/green lights or your
    direct involvement giving permission to contact the net) is MORE
    secure and safe from bad stuff than what you used to use, even with a
    very expensive program that gave you all kinds of feeling of being
    _involved_ in staying secure.
    It's possible to maintain a secure Windows system, but yea, it takes a lot of "involvement." I ran XP for years without being compromised, but sometimes I was spending more time defending my system than I was enjoying it. Easy to use? Some people seem to see things like rebuilding their system as normal operation.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •