Thread: Firewall is working

  1. #1

    Default Firewall is working

    Firewall. It's working, but I've never seen that any application can't interact with internet. On Windows, firewalls are supposed to work like blocking individual programs or other more global options. Will appreciate any reply.

    Firewall and apparmor are working, and I've left them untouched after installation. Never seen any rules for any program however. All programs may connect. I still believe my system is secure as it's more secure than win or os x right and I'm a simple user (no server things).
    So....?

  2. #2

    Default Re: Firewall is working

    Quote: Originally Posted by rockin
    > Firewall. It's working, but I've never seen that any application can't interact with internet. On Windows, firewalls are supposed to work like blocking individual programs or other more global options. Will appreciate any reply.
    >
    > Firewall and apparmor are working, and I've left them untouched after installation. Never seen any rules for any program however. All programs may connect. I still believe my system is secure as it's more secure than win or os x right and I'm a simple user (no server things).
    > So....?

    SuSEfirewall2 is designed to block unsolicited traffic from the outside by default, not connection-related or outgoing traffic by default. (It does not behave like a Windows firewall.)
    SuSEfirewall2 is basically a script that generates iptables rules from configuration stored in the /etc/sysconfig/SuSEfirewall2 file. SuSEfirewall2 protects you from network attacks by rejecting or dropping some unwanted packets that reach your network interface.
    More info:
    https://en.opensuse.org/SuSEfirewall2
    https://doc.opensuse.org/documentati....firewall.html
    Last edited by deano_ferrari; 20-Aug-2017 at 22:54.

  3. #3

    Default Re: Firewall is working

    Just to elaborate a tiny bit, it can block outbound too, but, as stated,
    does not "by default". NetFilter, the technology within the kernel that
    does firewalling and is controlled by SuSEfirewall2 scripts or various
    iptables commands directly, can be tuned to block inbound, outbound, or
    various other flows of data (forwarded, masqueraded, etc.) via various
    "tables" (thus, iptables). It's pretty powerful, and correspondingly
    complex. As a result it may be a good idea to share a business case for
    your need for blocking outbound so we can make sure you're using the right
    technology.

    AppArmor uses hooks within the kernel to limit what running programs do,
    usually within the system itself more than the network, and may be a good
    candidate to confine applications you do not trust, though all of the use
    cases I've seen around "prevent appX from going to the network" have made me
    wonder why appX was in use in the first place.

    --
    Good luck.

    If you find this post helpful and are logged into the web interface,
    show your appreciation and click on the star below.

    If you want to send me a private message, please let me know in the
    forum as I do not use the web interface often.
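
One way to check the behaviour described in the replies above (inbound denied unless it is reply traffic or explicitly allowed, outbound unrestricted) is to read the generated rules. This is an added example, not part of any post and not SuSEfirewall2's own code: it audits text in `iptables-save` format, the sample ruleset and the function names are constructed for illustration, and it only inspects rules attached directly to the built-in INPUT and OUTPUT chains without following jumps into user-defined chains.

```python
import shlex

# Constructed sample in iptables-save format (not captured from a real host):
# default-drop inbound with a reply-traffic exception, unrestricted outbound.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
"""

def parse_filter(text):
    """Return ({chain: policy}, {chain: [rule tokens]}) for the filter table."""
    policies, rules, table = {}, {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif table == "filter" and line.startswith("-A "):
            tokens = shlex.split(line)
            rules.setdefault(tokens[1], []).append(tokens[2:])
    return policies, rules

def opt(rule, flag):
    """Value following `flag` in a tokenised rule, or None if absent."""
    return rule[rule.index(flag) + 1] if flag in rule else None

def opens_new_inbound(rule):
    """True if the rule accepts traffic other than loopback or replies."""
    if opt(rule, "-j") != "ACCEPT" or opt(rule, "-i") == "lo":
        return False
    states = opt(rule, "--ctstate") or opt(rule, "--state")
    return not (states and set(states.split(",")) <= {"RELATED", "ESTABLISHED"})

def audit(text):
    policies, rules = parse_filter(text)
    return {
        "inbound_default_deny": policies.get("INPUT") == "DROP",
        "inbound_exceptions": [" ".join(r) for r in rules.get("INPUT", []) if opens_new_inbound(r)],
        "outbound_filtered": policies.get("OUTPUT") != "ACCEPT"
        or any(opt(r, "-j") in ("DROP", "REJECT") for r in rules.get("OUTPUT", [])),
    }

print(audit(SAMPLE))
```

On a live system the input would come from `iptables-save` run as root; every entry under `inbound_exceptions` is a port that was opened explicitly.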

  4. #4

    Default Re: Firewall is working

    Quote: Originally Posted by deano_ferrari
    > SuSEfirewall2 is designed to block unsolicited traffic from the outside by default, not connection-related or outgoing traffic by default. (It does not behave like a Windows firewall.)
    >
    > More info:
    > https://en.opensuse.org/SuSEfirewall2
    > https://doc.opensuse.org/documentati....firewall.html

    Actually,
    That's how Windows Firewall works, too.
    Same as how SuSEFW configures iptables by default.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  5. #5

    Default Re: Firewall is working

    Quote: Originally Posted by tsu2
    > Actually,
    > That's how Windows Firewall works, too.
    > Same as how SuSEFW configures iptables by default.
    >
    > TSU

    I was really referring to windows firewall architecture around blocking application traffic. (That's what the OP seemed to be wondering about.)

  6. #6

    Default Re: Firewall is working

    Thanks, so.... as I understand, if a connection is not initiated by program on computer, then it's not accepted. That's very good. I hope it's true for wireless too as that makes a little bit more insecure.
    "Business case" hmm? It's just a single computer I don't know if I need to block outbound as all apps were from official sources except 1 thing from "obs" (should not have done that). As it seems to me now, it's safe with firewall_2, default, though core system is not updated to the very last version from 4 default repositories.

  7. #7

    Default Re: Firewall is working

    On 08/31/2017 10:36 AM, rockin wrote:
    >
    > Thanks, so.... as I understand, if a connection is not initiated by
    > program on computer, then it's not accepted. That's very good. I hope
    > it's true for wireless too as that makes a little bit more insecure.


    It is true for all inbound traffic ever unless you change it. It is the
    default for all three of the default zones inbound, even, and not just the
    external or DMZ zones, so you really do need to allow traffic in
    explicitly to have anything make it to the box from outside of the box.

    Secure by default is the best standard, and SUSE does a decent job with
    that, though allowing exceptions (in firewalls) to be made easily as
    needed (web servers, SSH services, NFS, etc.) via Yast or other tools.

