Networking opens up a whole new world of computing. Unfortunately, it also opens up your computer to a whole new world of security risks. Prudence dictates that you keep a good firewall between your computer and the bad guys, be it the Internet or just that jerk down the hall. There are numerous programs to help you set up a firewall. My experience is that either they are good but with limited flexibility (e.g., Bastille) or are just pretty faces on the raw power and complexity of iptables. Marc Hease of SuSE has written a package — SuSEfirewall2 — that provides a fair amount of the "expertise in a box" necessary if you aren't ready to become a firewall-rules guru.
The core of SuSEfirewall2 is a bash script that builds the firewall rules from one or two configuration files. The main configuration file describes the NICs on the firewall computer, the servers you are running, and which computers you trust and to what degree. The second configuration file is optional and only used to extend the package's capabilities.
By Jeffrey L. Taylor at Unix Review.
[ Read more ]
- Review: Personal Firewalls for Administrators and Remote Users (13 March 2003)
- Review: Firewalls and Internet Security: Repelling the Wily Hacker 2/e (30 January 2003)