Firewalls are a means of controlling what information is allowed into and out of your
local network. Typically the firewall host is connected to the Internet and your local
LAN, and the only access from your LAN to the Internet is through the firewall. This
way the firewall can control what passes back and forth from the Internet and your
LAN.
There are a number of types of firewalls and methods of setting them up. Linux machines
make pretty good firewalls. Firewall code can be built right into 2.0 and higher
kernels. The user-space tools, ipfwadm for 2.0 kernels and ipchains for 2.2 kernels,
allow you to change, on the fly, the types of network traffic you allow. You can also
log particular types of network traffic.
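
A ruleset for the firewall host described above, using ipchains on a 2.2 kernel with logging on the rules that drop traffic. This is an added example, not part of the original text; the function only prints the commands for review, and the interface name ppp0 and the LAN range 192.168.1.0/24 are assumed sample values.

```shell
#!/bin/sh
# Added example: prints an ipchains (2.2 kernel) ruleset, it does not apply it.
# gen_rules is a hypothetical helper name; ppp0 and 192.168.1.0/24 are
# assumed sample values for the external interface and the LAN.

gen_rules() {
    ext_if=$1   # interface facing the Internet
    lan_net=$2  # address range of the local LAN
    [ -n "$ext_if" ] && [ -n "$lan_net" ] || {
        echo "usage: gen_rules EXT_IF LAN_NET" >&2
        return 1
    }
    cat <<EOF
# Start from empty chains; refuse to forward anything not listed below.
ipchains -F input
ipchains -F forward
ipchains -P forward DENY
# Drop and log packets from outside that claim a LAN source address.
ipchains -A input -i $ext_if -s $lan_net -l -j DENY
# Drop and log connection attempts (TCP SYN) from outside to the firewall.
ipchains -A input -i $ext_if -p tcp -y -l -j DENY
# Masquerade LAN traffic leaving by the external interface.
ipchains -A forward -s $lan_net -i $ext_if -j MASQ
# Log whatever else tried to cross the firewall, then drop it.
ipchains -A forward -l -j DENY
# Forwarding must be enabled for the LAN to reach the Internet at all.
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

# Print the ruleset for the assumed sample network.
gen_rules ppp0 192.168.1.0/24
```

Review the output, then pipe it to sh as root on the firewall host to load it.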
Firewalls are a very useful and important technique in securing your network.
However, never think that because you have a firewall, you don’t need to
secure the machines behind it. This is a fatal mistake. Check out the very good
Firewall-HOWTO at your latest metalab archive for more information on firewalls
and Linux. http://metalab.unc.edu/mdw/HOWTO/Firewall-HOWTO.html
More information can also be found in the IP-Masquerade mini-howto:
http://metalab.unc.edu/mdw/HOWTO/mini/IP-Masquerade.html
More information on ipfwadm (the tool that lets you change settings on your firewall)
can be found at its home page: http://www.xos.nl/linux/ipfwadm/
If you have no experience with firewalls, and plan to set up one for more than just a
simple security policy, the Firewalls book by O’Reilly and Associates or another online
firewall document is mandatory reading. Check out http://www.ora.com for more
information. The National Institute of Standards and Technology has put together
an excellent document on firewalls. Although dated 1995, it is still quite good. You
can find it at http://csrc.nist.gov/nistpubs/800-10/main.html. Also of interest:
• The Freefire Project -- a list of freely-available firewall tools, available at
http://sites.inka.de/sites/lina/freefire-l/index_en.html
• SunWorld Firewall Design -- written by the authors of the O’Reilly book, this
provides a rough introduction to the different firewall types. It’s available at
http://www.sunworld.com/swol-01-1996/swol-01-firewall.html
• Mason - the automated firewall builder for Linux. This is a firewall script that
learns as you do the things you need to do on your network! More info at:
http://www.pobox.com/~wstearns/mason/
Firewalls Linux
Posted by Army | Saturday, March 20, 2010