Mailinglist Archive: opensuse-security (394 mails)

< Previous Next >
RE: [suse-security] [Info] Webmin SuSEfirewall2 Modul
  • From: Administrator <admin@xxxxxxxxxxxxxx>
  • Date: Wed, 10 Dec 2003 12:17:34 -0800
  • Message-id: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAACwMjaagd1hG6pwAGW0qIxsKAAAAQAAAAbgJFC2jEP0WDlsbnCo50zwEAAAAA@xxxxxxxxxxxxxx>



I have two questions following this convo.


1.) for the typical desktop installation there are several gui based
config utilities which help you configure your firewall.

2.) For the console based system are you suggesting being able to
remotely administer the firewall via a web console ? In my experience
I've witnessed systems scanned within 10 mins if initially going on the
web. I've seen windows systems rooted within 20 mins. Any firewall
config should be set up initially through a direct console login prior
to the system going online.
Perhaps after you can use a web utility to monitor the firewall but any
sort of remote configuration outside off encrypted login from a known
source will lead a false sence of security for new users.

> -----Original Message-----
> From: intraRedes [mailto:listas@xxxxxxxxxxxxxx]
> Sent: Wednesday, December 10, 2003 11:13 AM
> To: suse-security@xxxxxxxx
> Subject: Re: [suse-security] [Info] Webmin SuSEfirewall2 Modul
>
> On Fri, 05 Dec 2003 12:09:01 +0000
> Neil Anderson <cleidh_mor@xxxxxxxxxxxxxxx> wrote:
>
> |Philippe Vogel wrote:
> |
> |>Hello!
> |>
> |>For those, who like webmin: There is a new module to configure
> SuSEfirewall2
> |>from remote within webmin without any console knowledge.
> |>
> |>
> |Remote FW config? That's a bit dodgy isn't it? What happens if
someone
> |"accidently" blocks IP traffic? Having said that, if the project is
> |well thought out (ie stops newbies making obvious mistakes) it could
be
> |handy.
> |
> |Cheers,
> |Neil
> |
> |
> |
> |>You will find it here:
> |>
> |>http://www.intraredes.com/projects/
> |>
> |>Each button has an online-help with the SuSE-Comments inside the
> |>SuSEfirewall2
> |>
> |>I think this is a nice way for newbees to configure their firewall.
> |>
> |>For those who know what they do this is only for information.
> |>
> |>Philippe
> |>
>
> That's a good point!
>
> We are going to add a "test rules" option that, when activated
> will enable the new ruleset, and five minutes later, will restore the
> previous
> one. Next time you get into webmin you will be able to decide upon
making
> the
> changes effective or not.
>
> This way a newbie can safely test rules before going live.
>
>
> Thanks for the implicit suggestion. :)
>
>
>
>
> --
>
> Ing. Jorge Buchmann
> intraRedes SRL
> Tel/Fax: +5411 4342 0049
> Piedras 264, Piso 2 A
> C1070AAF Capital Federal
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here


< Previous Next >
References