Configuring Linux as a Firewall

Discussion in 'ASP .Net' started by rada.lambretha@gmail.com, Mar 1, 2008.

  1. Guest

    Configuring Linux as a Firewall


    * Making installation choices
    * Introducing iptables
    * Using iptables commands
    * Simplifying things with firewall GUIs
    * Adding proxy functionality

    As Linux gains increasing acceptance in corporate datacenters and
    other places, more and more people are discovering something that
    Linux enthusiasts have known for a long time: Linux has built-in
    firewall features that allow an administrator to build a firewall.
    Recent versions of Linux generally ship with at least basic firewall
    capabilities, and several Linux versions include even more advanced
    features. Because Linux is open source software, and because it has
    only minimal hardware requirements, you can build a Linux-based
    firewall relatively inexpensively. Be forewarned, though -- doing so
    does require some knowledge of Linux and how it fits into the
    networking scheme of things.
    Making Installation Choices

    To use the firewall built into Linux, you should make sure that the
    operating system you install includes iptables functionality. Iptables
    is the most popular Linux firewall, and this chapter covers it in
    detail. Fortunately, most Linux distributions do this by default, so
    you probably don't have to worry about this.

    Before you install Linux, make sure that all your network cards and
    any modem that you may use are installed in your computer. Generally,
    it's much easier to have all your hardware in place before installing
    your Linux software than it is to install Linux first and then try to
    get Linux to recognize all the hardware stuff after the fact.

    Red Hat Linux, in its ongoing effort to be top dog in the Linux field,
    goes one step further along the customer satisfaction road by giving
    you a choice of configuring the firewall during installation. One of
    the screens that you see during the installation procedure is shown in
    Figure 1. The choices you see on this screen are good starting points,
    whether you are just setting up a personal computer, or whether you
    are planning to configure a corporate firewall. Of course, when you
    are indeed configuring a dedicated firewall, you will have to perform
    some additional configuration after the installation is complete.

    If you are using another distribution, just skip this section and go
    on to the section on iptables. The process of configuring the firewall
    after installation is virtually identical in all Linux distributions.
    Let's look at each of the available choices:

    _ Off: This option does just what its name implies: It configures
    Linux to allow all network traffic to enter or leave the computer.
    Obviously, this is not an appropriate setting for a firewall unless
    you want to do all your configuring at some later point. (No, deciding
    just to skip this whole firewall business is not an option. Need to
    reread Chapter 1?)

    _ Medium: This is an appropriate choice if you want to use Linux as a
    personal firewall or if you are installing a server that performs
    limited functions, such as a Web server. When you select this option,
    Linux configures iptables to allow certain types of traffic into your
    computer. You can specify which types of traffic are allowed; for
    example, you can disable HTTP traffic or allow SMTP traffic. One of
    the limitations of the Red Hat setup program is that it can only
    perform very simple firewall configuration tasks for you. Keep in mind
    that you can add or remove rules later, but if you already know which
    traffic you want to allow and which traffic you want to block, you can
    easily configure this during setup.

    _ High: When you select this option, you enable and configure the
    iptables firewall to block all traffic. This is the configuration that
    you should choose when you install a dedicated firewall. Best
    practices dictate that you configure your firewall to drop all network
    traffic unless you specifically allow it. Choosing this option gives
    you this starting configuration; you get to do all the other
    configuration steps after the operating system installation is
    complete.

    Read the complate article at http://www.network.79br.com
     
    , Mar 1, 2008
    #1
    1. Advertising

  2. Why is this is important to ASP.NET users ?




    Juan T. Llibre, asp.net MVP
    asp.net faq : http://asp.net.do/faq/
    foros de asp.net, en espaƱol : http://asp.net.do/foros/
    ======================================
    <> wrote in message news:...
    > Configuring Linux as a Firewall
    >
    >
    > * Making installation choices
    > * Introducing iptables
    > * Using iptables commands
    > * Simplifying things with firewall GUIs
    > * Adding proxy functionality
    >
    > As Linux gains increasing acceptance in corporate datacenters and
    > other places, more and more people are discovering something that
    > Linux enthusiasts have known for a long time: Linux has built-in
    > firewall features that allow an administrator to build a firewall.
    > Recent versions of Linux generally ship with at least basic firewall
    > capabilities, and several Linux versions include even more advanced
    > features. Because Linux is open source software, and because it has
    > only minimal hardware requirements, you can build a Linux-based
    > firewall relatively inexpensively. Be forewarned, though -- doing so
    > does require some knowledge of Linux and how it fits into the
    > networking scheme of things.
    > Making Installation Choices
    >
    > To use the firewall built into Linux, you should make sure that the
    > operating system you install includes iptables functionality. Iptables
    > is the most popular Linux firewall, and this chapter covers it in
    > detail. Fortunately, most Linux distributions do this by default, so
    > you probably don't have to worry about this.
    >
    > Before you install Linux, make sure that all your network cards and
    > any modem that you may use are installed in your computer. Generally,
    > it's much easier to have all your hardware in place before installing
    > your Linux software than it is to install Linux first and then try to
    > get Linux to recognize all the hardware stuff after the fact.
    >
    > Red Hat Linux, in its ongoing effort to be top dog in the Linux field,
    > goes one step further along the customer satisfaction road by giving
    > you a choice of configuring the firewall during installation. One of
    > the screens that you see during the installation procedure is shown in
    > Figure 1. The choices you see on this screen are good starting points,
    > whether you are just setting up a personal computer, or whether you
    > are planning to configure a corporate firewall. Of course, when you
    > are indeed configuring a dedicated firewall, you will have to perform
    > some additional configuration after the installation is complete.
    >
    > If you are using another distribution, just skip this section and go
    > on to the section on iptables. The process of configuring the firewall
    > after installation is virtually identical in all Linux distributions.
    > Let's look at each of the available choices:
    >
    > _ Off: This option does just what its name implies: It configures
    > Linux to allow all network traffic to enter or leave the computer.
    > Obviously, this is not an appropriate setting for a firewall unless
    > you want to do all your configuring at some later point. (No, deciding
    > just to skip this whole firewall business is not an option. Need to
    > reread Chapter 1?)
    >
    > _ Medium: This is an appropriate choice if you want to use Linux as a
    > personal firewall or if you are installing a server that performs
    > limited functions, such as a Web server. When you select this option,
    > Linux configures iptables to allow certain types of traffic into your
    > computer. You can specify which types of traffic are allowed; for
    > example, you can disable HTTP traffic or allow SMTP traffic. One of
    > the limitations of the Red Hat setup program is that it can only
    > perform very simple firewall configuration tasks for you. Keep in mind
    > that you can add or remove rules later, but if you already know which
    > traffic you want to allow and which traffic you want to block, you can
    > easily configure this during setup.
    >
    > _ High: When you select this option, you enable and configure the
    > iptables firewall to block all traffic. This is the configuration that
    > you should choose when you install a dedicated firewall. Best
    > practices dictate that you configure your firewall to drop all network
    > traffic unless you specifically allow it. Choosing this option gives
    > you this starting configuration; you get to do all the other
    > configuration steps after the operating system installation is
    > complete.
    >
    > Read the complate article at http://www.network.79br.com
     
    Juan T. Llibre, Mar 1, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Robert Dodier
    Replies:
    6
    Views:
    2,364
    Matthias Kraft
    Sep 14, 2004
  2. Satya Kiran

    Configuring IDLE on Linux

    Satya Kiran, Jul 14, 2006, in forum: Python
    Replies:
    2
    Views:
    7,186
    Ben C
    Jul 16, 2006
  3. Replies:
    1
    Views:
    99
    Todd Benson
    Mar 1, 2008
  4. Ryan Ritten

    Configuring Perl for Linux 8

    Ryan Ritten, Nov 27, 2003, in forum: Perl Misc
    Replies:
    1
    Views:
    99
    Keith Keller
    Nov 27, 2003
  5. Replies:
    1
    Views:
    142
    The Natural Philosopher
    Mar 1, 2008
Loading...

Share This Page