[opensuse] sorting firewall utility



Hello,
I'm in the process of configuring a hosted server and wonder why I should set up a firewall.

AFAIK, a firewall has several goals:
* secure an internal network,
* NAT
* redirect ports
...?

None of these goals are relevant for a single host.

If I understand the Linux network way of life well, no application is listening on a port if not instructed to do so, so there is no reason to forbid access to a port on a host with a single root user.

The single user will be restricted to sftp (in the write sense).

I have for now installed apache and vsftp and will have some more, but still very limited applications running.

Is that basically good?

Thanks
jdd
--
http://www.dodin.net
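
The premise in the message above (only services that were told to listen are reachable) can be checked rather than assumed. The following is an added example, not part of the original post: it parses `/proc/net/tcp`-format text and reports listeners bound to a non-loopback address on a port outside an expected set. The sample data, the expected ports (21, 22, 80) and all function names are assumptions made for the illustration.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp format (not from the poster's server).
# Addresses are hex as printed on a little-endian host; ports are plain hex.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:0015 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1004
   4: 00000000:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000    27        0 1005
   5: 0A0200C0:0016 076433C6:C738 01 00000000:00000000 02:000A0000 00000000     0        0 1006
"""

# Assumption: the services named in the post (vsftpd, sshd for sftp, apache).
EXPECTED_PORTS = {21, 22, 80}
TCP_LISTEN = "0A"  # kernel state code for LISTEN


def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port); assumes little-endian host."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def listening_sockets(proc_text):
    """Return (ip, port) for every IPv4 socket in LISTEN state, sorted by port."""
    found = []
    for line in proc_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) >= 4 and cols[3] == TCP_LISTEN:
            found.append(decode_addr(cols[1]))
    return sorted(found, key=lambda addr: addr[1])


def unexpected_exposed(listeners, expected_ports):
    """Listeners reachable from outside (not 127.x) on ports nobody planned for."""
    return [(ip, port) for ip, port in listeners
            if not ip.startswith("127.") and port not in expected_ports]


if __name__ == "__main__":
    for ip, port in unexpected_exposed(listening_sockets(SAMPLE_PROC_NET_TCP),
                                       EXPECTED_PORTS):
        print(f"unexpected listener on {ip}:{port}")
```

On a real host the same functions can be fed the contents of `/proc/net/tcp`; IPv6 listeners are in `/proc/net/tcp6`, which uses a different address width and is not handled here.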