Linux Firewall - Page 11
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
bit_of_love sent us a note about an interview with Harald Welte. "UnderLinux has an interesting interview with Harald Welte, member of the netfilter/iptables project core team. Harald talked about his career, difficulties in the iptables project, Brazil and Free software, GNU/HURD and, of course, the new iptables2 for kernels 2.5.x/2.6.x." . . .
Mike Murray describes how he patched the 2.2 Linux kernel to run an ipchains packet filtering firewall when the machine is halted. "As systems administrators, it's often funny how new and interesting information ends up in our hands. Sometimes, it's through an intentional course of study; other times, it seems to arrive by accident. That's exactly how the concept of using a halted Linux computer as a firewall occurred to me. . . .
In Part I of this two-part series on the Linux Packet Filter, Gianluca describes a packet's journey through the kernel. Network geeks among you may remember my article, "Linux Socket Filter: Sniffing Bytes over the Network", in the June 2001 issue of LJ, regarding the use of the packet filter built inside the Linux kernel. . . .
A firewall is software that prevents the flow of Internet traffic. Businesses and large network administrators use firewalls to contain traffic and maintain security. Firewalls keep traffic out, or they keep it in. A simple firewall configuration for most home users would block all outside traffic not generated at the users' request.. . .
The 2.4 Kernel of Linux has a great tool called netfilter, which is a framework for creating firewalls. Many new Linux distributions such as RedHat 7.1 come with basic firewall rulesets that allow you to automatically create low, medium, or high . . .
There's a nice recipe for making a tasty, high-performance security checkpoint to replace a bland, low-performing single point of failure at the border between your network and the Internet.
This article, dating back to 1998, is one of the most informative articles I've seen on Application Gateways and Stateful Inspection. The Internet Security industry has grown tremendously in the past several years: the increase in demand for related products has . . .
PCX Firewall is a perl script which works with several configuration files to generate 3 shell scripts (startfw, stopfw, and restartfw) which actually do the real work of the firewall. The design goal was to develop a complete IPTables based . . .
The IPTables/NetFilter application is considered to be the fourth generation of Linux packet filtering implementations. The first generation was Alan Cox's port of BSD UNIX's ipfw to Linux 1.1. Jos Vos and others extended this and added the ipfwadm user tool . . .
In a bid to fight the growing menace from computer and router-based denial of service (DoS) attacks, a security firm has developed a technique to dam the DoS data flood at source. Using funding from the Defence Advanced Research Projects Agency . . .
There's no question that firewalls are a key weapon in the IT arsenal. From a business perspective, the case for purchasing the right firewall for the job at hand is simple: Downtime costs money. Lost data costs money. A hacked site . . .
A draft of the Guide to Firewall Selection and Policy Recommendations (.pdf format) is now available for public comment. This document is intended for technical managers in the firewall and network security areas, but it would also prove useful to those wishing to know more about firewall technology and recommended policies. . . .
Transparent proxying frees you from the hassle of setting up individual browsers to work with proxies. If you have a hundred, or a thousand, users on your network, it's a pain to set up each browser and to use proxies -- or to try to convince users to go into their preferences and type in these symbols they don't understand.. . .
With the number of hackers and viruses these days, everyone who has a computer that's connected to a network -- including the Internet -- should have a firewall or be running behind one. This is a Q&A session about firewalls with . . .
... the latest Linux kernel, version 2.4, offers a number of improvements over the 2.2 kernel that make Linux a viable alternative for corporate firewalls. Netfilter, Linux's in-kernel "packet mangling" infrastructure, and iptables, the administrative tool that manages it, represent a . . .
The 2.2 version of the Linux kernel used the ipchains application to control the firewall. For standard firewalling, ipchains is a decent solution. We still use it on some of our machines, and there is still a positive argument for 2.2 . . .
The FTP protocol has strange peculiarities that make working behind a firewall somewhat difficult if not quite impossible. This document explains the problem, and solutions for both client and server behind a gateway doing NAT. AFAIK, it's the first time a solution is proposed for the server. Details of this solution are given for OpenBSD.. . .
For those of you who have taken the plunge and upgraded from kernel 2.2.X (or even 2.0.X) to 2.4.X, congratulations. If, like a number of folks, you're running some form of firewall using either ipchains or ipfwadm, your scripts may work . . .
What is IPFilter? Very simply, a package for permitting (or passing) and denying IP packets based on a range of criteria. It can also provide Network Address Translation (NAT) services, if desired. The IPFilter web site has more details. . . .
Firewalls are the bestsellers of tech security, cheap, formulaic and popular. Like a good paperback, they offer a pleasant escape from reality. An entire generation of business executives has come of age trained on the notion that firewalls are the . . .