Results 1 to 8 of 8

Thread: Recommendation of a good second party firewall.

  1. #1

    Default Recommendation of a good second party firewall.

    Could you recommend a good second party firewall?
    A firewall which works well with the SuSE operating system (version 12.1).
    Once I've installed this firewall.
    Is there anything particular details I need to be aware of.

    Thank You,
    Lleo72g

  2. #2
    Join Date
    Oct 2008
    Location
    Glasgow, Scotland
    Posts
    1,153

    Default Re: Recommendation of a good second party firewall.

    Why?

    The Linux kernel incorporates IPtables. For this reason high-end firewall appliances use Linux. Bolt-on firewalls are only needed when the operating system was not fundamentally designed to be networked. The firewall management in YaST is adequate for most server or desktop use. It falls down if you are using openSuSE as a router/gateway/bridge/packet filter etc. Then you would probably be better writing the table rules manually, or using a specialist distribution.

  3. #3

    Default Re: Recommendation of a good second party firewall.

    On 01/15/2012 02:36 PM, eng-int wrote:
    >
    > Why?
    >
    > The Linux kernel incorporates IPtables. For this reason high-end
    > firewall appliances use Linux. Bolt-on firewalls are only needed when
    > the operating system was not fundamentally designed to be networked.
    > The firewall management in YaST is adequate for most server or desktop
    > use. It falls down if you are using openSuSE as a
    > router/gateway/bridge/packet filter etc. Then you would probably be
    > better writing the table rules manually, or using a specialist
    > distribution.


    Indeed. And if the OP isn't yet comfortable writing rules by hand,
    packages such as Firewall Builder can be quite handy. There's a couple
    others that are similar - the names escape me at the moment...

    ....Kevin
    --
    Kevin Miller - http://www.alaska.net/~atftb
    Juneau, Alaska
    In a recent survey, 7 out of 10 hard drives preferred Linux
    Registered Linux User No: 307357, http://linuxcounter.net

  4. #4
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Recommendation of a good second party firewall.

    On 2012-01-15 23:56, Lleo72g wrote:
    >
    > Could you recommend a good second party firewall?


    Shorewall?

    The firewall is the same, iptables. What changes is what configures iptables.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  5. #5
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Recommendation of a good second party firewall.

    On 01/15/2012 11:56 PM, Lleo72g wrote:
    > Could you recommend a good second party firewall?


    -=WELCOME=- new poster..

    openSUSE 12.1 (and all the previous for over a decade) are born with an
    operating firewall..

    you can read all about it by working your way through the hits here:

    http://www.google.com/search?q=site%...e.org+firewall

    but i can save you a lot of time: i never touch the default installed
    firewall!

    the way it is default installed has always worked for me....now, i do
    admit that i do the routine security practices like: have strong root
    and user passwords (different passwords for each); never browse, mail or
    even log into KDE/Gnome etc as root; install and set up rkhunter to
    monitor for root kits; exercise normal caution when handling executables
    from untrusted sources; etc

    --
    DD http://tinyurl.com/DD-Caveat http://tinyurl.com/DD-Hardware
    http://tinyurl.com/DD-Software
    openSUSE®, the "German Engineered Automobiles" of operating systems!

  6. #6

    Default Re: Recommendation of a good second party firewall.

    Could you recommend a good second party firewall? Part two.

    I don't quite understand what you mean by the phrase.

    "never browse, mail or even log into KDE/Gnome etc as root."

    clarify.

    I have SuSE operating system installed on two separate hard drives.
    One is set to KDE internface.
    The second is setup to Gnome interface.

    Thank You,
    Lleo72g

  7. #7
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: Recommendation of a good second party firewall.

    On 01/16/2012 06:36 PM, Lleo72g wrote:
    >
    > I don't quite understand what you mean by the phrase.
    > "never browse, mail or even log into KDE/Gnome etc as root."
    > clarify.


    when you boot up, do you see a screen where you have to enter your
    password...there are two blanks (or more, depending on how maybe users
    you have created) on that screen: one is for the username, and the other
    for the password..

    *if* you type 'root' in the username block and then the root password in
    the other you are logging into KDE/Gnome as root--do NOT do that, ever.
    for lots of reasons you should never log into KDE/Gnome/XFCE or any
    other *nix-like system's graphical user interface desktop environment as
    root..

    doing so 1) opens you up to several different security problems if you
    (for example) browse the net, 2) too many, far too easy ways to damage
    your system no matter how careful your actions (for
    example: well documented cases of unintended change of ownership of
    ~/.ICEauthority and ~/.Xauthority from user to root sometimes occurs),
    3) anyway logging into KDE/etc as root is *never* required to
    do any and all administrative duties, 4) and, not even logging in as
    root just to see if it works as root is useful, because the "yes" or
    "no" learned is almost always totally useless in finding the
    problem giving the symptoms...while, logging into the GUI as root to
    learn the yes/no could _cause_ the next adverse symptom encountered.

    so, always log in as yourself, and "become root" by using a root powered
    application (like YaST, File Manager Superuser Mode) or using "su -",
    sudo, kdesu, or gnomesu in a terminal to launch whatever tool is needed
    (like Kwrite to edit a config file)...read more on all that here:

    http://tinyurl.com/593e4c
    http://tinyurl.com/ydbwssh
    http://tinyurl.com/6bo2cqg
    http://tinyurl.com/4nsaqst
    http://tinyurl.com/665h5ek
    http://tinyurl.com/6ry6yd

    additionally: after logging into KDE/Gnome/etc as root, if you
    experience problems (for example, with uncommanded file ownership and
    permissions changes) and if you can provide us with details of what you
    were doing while you were logged in as root, that would help us identify
    if there's a bug that needs to be fixed...thanks for your help..

    so, also it is possible to launch anything as root, even when logged in
    as yourself....like it is possible to launch Firefox as root and then go
    off browsing around the web as root--do NOT do that, ever.

    you could launch a mail program as root, while logged into as yourself
    and open a mail with a built in rootkit and BLAM, you have a root
    kit...so, do not do that!


    --
    DD http://tinyurl.com/DD-Caveat http://tinyurl.com/DD-Hardware
    http://tinyurl.com/DD-Software
    openSUSE®, the "German Engineered Automobiles" of operating systems!

  8. #8
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Recommendation of a good second party firewall.

    On 2012-01-16 18:36, Lleo72g wrote:
    > I have SuSE operating system installed on two separate hard drives.
    > One is set to KDE internface.
    > The second is setup to Gnome interface.


    Why? You can use one install with both interfaces.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •