Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] setting up a firewall
  • From: Gordon Pritchard <gordon.pritchard@xxxxxxxxx>
  • Date: 06 Feb 2002 09:13:53 -0800
  • Message-id: <1013015633.6743.35.camel@xxxxxxxxxxxxxxxxxxxxx>
On Wed, 2002-02-06 at 03:04, Brown, Daniel (staff) wrote:

> Would someone be willing to answer my questions about setting up the
> personal firewall on SUSE 7.2? I have some questions about it:
>
> 1) I have enabled the firewall in /etc/rc.config but how do I check that it
> is working correctly?

I hope someone with (much!) more knowledge will chime in, but in the
meantime, here are some rough ideas to get you started...

First, you should check that the services you want to use are still
working. For me, that would include DHCP (my machine is a client),
Realaudio, web-access for surfing, SSH from outside, etc.
Fix the stuff you *need* first.

Then, I find it useful to use grc.com as a test-site. Use his "shields
up" test, then port-probes. I was horrified to initially see a bunch of
ports which were open to the world :-(
To deal with these, you should consider a two-pronged approach -
turning the service off, and configuring the firewall. For services
such as finger, telnet, and ftp I turned these off (commented out lines
in inted.conf), as well as silently throwing away incoming attempts.
Keep working 'til grc.com gives you a clean bill of health. Then, if
you can find someone with more-sophisticated scanning tools, you can
really give your machine a thorough test. Maybe your employer's IT
department can test your machine for you (this is what I did).

Good luck! I hope this gets you started on the right foot, Dan.

-Gord

--
Gordon Pritchard, P.Eng., Member IEEE
Technical University of B.C. - Research Lab Engineer
mailto:gordon.pritchard@xxxxxxxxx
direct phone: 604-586-6186


< Previous Next >