firewall

minitrucker
Level 3
Posts: 137
Joined: Thu Oct 20, 2011 12:32 am
Location: Alabama

firewall

Post by minitrucker » Sun Dec 11, 2011 3:34 am

Pointers on what to deny in? Things to limit out? I'm on open networks a lot. I'm reading up on security by actually reading hacking forums instead of security forums. As of right now I only know enough to simply know I should try a lil harder to stay secure than I have with my false sense of "I'm on Linux, I don't have to worry" attitude. I also need to learn more about if I am being duped by sites. Any help that can be provided is greatly appreciated.
I like everything custom. My vehicles, my Operating Systems, my bank accounts....... I guess I'm just spoiled........maybe

Am I Anonymous?
Am I Legion?
Can I Forgive?
I Forget What Happened 15min ago......
Should I expect myself?

grraf
Level 1
Posts: 29
Joined: Fri Dec 09, 2011 1:50 pm

Re: firewall

Post by grraf » Sun Dec 11, 2011 9:16 am

First thing to do: u need to find out just where exactly u stand security wise, here's a good and comprehensive place to start testing: http://www.grc.com/x/ne.dll?rh1dkyd2 (test anything and everything all the way from default ports blocked by yr isp to browser leaks)
After u discover what is wrong u can then start searching for solutions to plug the holes u found. U don't go around blocking/allowing things just because some (ill)informed/bene(mal)volent dude tells u so, more than anything carefully cross examine/check any change u plan to implement so u don't end as a random rape victim for a script kiddie clever enough to use a security audit tool to check on any and all (un)common configuration blunders.

minitrucker
Level 3
Posts: 137
Joined: Thu Oct 20, 2011 12:32 am
Location: Alabama

Re: firewall

Post by minitrucker » Sun Dec 11, 2011 7:45 pm

that's all for windows.... or am I missing something

lmintnewb
Level 7
Posts: 1568
Joined: Fri Apr 01, 2011 5:13 pm

Re: firewall

Post by lmintnewb » Sun Dec 11, 2011 11:40 pm

http://forums.linuxmint.com/viewtopic.p ... fw#p470725

Think by default gnu/Linux comes with all ports closed anyway. Enabling the firewall is only supposed to take a couple clicks in gufw. Don't have much to add here, just throwing out a link that's got some info about ufw in it. Wouldn't spend a ton of time stressing about it. Even in the security hole ridden mess known as windows, much of keeping up security is common sense practices. With gnu/Nix you have a greater safety cushion. Folks who've spent all this time developing Linux actually want the software to be great stuff. Folks over at M$ have a monopoly, so no real reason to stress too much about quality. They want you to buy their next OS. Making their last OS bullet proof and run great forever, isn't in their best interest matter of fact.

Went ahead and enabled a firewall and set it to deny all incoming connections by default. Mainly just for more peace of mind and having a background using M$'s poopware, thought safe than sorry and all that. If you intend to do certain stuff on your system, sure you'd have to learn about setting up firewall rules, port forwarding or whatever else. I don't, just a general purpose PC, so haven't invested a bunch of time trying to become a gnu/Linux firewall guru.

grraf
Level 1
Posts: 29
Joined: Fri Dec 09, 2011 1:50 pm

Re: firewall

Post by grraf » Mon Dec 12, 2011 9:16 am

True, Grc mainly offers instructions on how to fix windows security issues but the fact that u for example find port x open for anyone to access is a reason for concern regardless of what os u got, same goes for a computer's inability to remain stealth (aka deny(discard) any probing attempts made to confirm its presence) as well as what yr computer publishes about himself on query (like machine name/user name which can be used as a starting point narrowing down the amount of time needed for penetration (knowing a valid user name(or a machine's name on a network) for a pc is a rather useful starting point(as most are dumb enough to use 'strong' passes like god/sex/date of birth/wife name etc) also important what yr browser exposes, for example a default configured browser includes in his header info the following: browser type and version, OS type and version (including trivia such as 32/64 bit based :lol: )
All of that in turn gives a huge edge to the attacker as he now has managed to compile a list of neat stuff looking like this: computer unit at ip *.*.*.* has: ports x,y,z... open and ready to exploit, a valid user account named xyz and the machine is identified on his network as zyx, he uses browser asd ver x.y(known to fall prey within seconds to exploits a...z) and his OS is HJK(a true legend regarding vulnerabilities to remote access/stack overflows/.../a cat's sneeze)
Hopefully i somehow managed to open yr eyes a bit since u show interest in such things and pls don't be stunned/surprised when i tell u that even smb with mediocre computer programming skills based on a list like the one exemplified above can successfully compromise a (poorly configured)system's security within minutes(granted he'll most likely be using some tools designed by pro's in which he inputs the findings on his list, but then again u don't exactly have a hard time finding those nowadays do ya ??)
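
An added example, not part of any post in this thread: a Linux-side version of the "port x open" check discussed above, listing the TCP sockets in LISTEN state that are bound to a non-loopback address, which are the ones a default-deny inbound firewall rule covers. It reads `/proc/net/tcp` (IPv4 TCP only), assumes a little-endian host, and the embedded sample table and function names are constructed for illustration.

```python
import ipaddress
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222
   2: 0500A8C0:C350 0A00A8C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 33333
   3: 00000000:1A0B 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 44444
"""

TCP_LISTEN = "0A"  # kernel state code for a listening socket


def decode_addr(hex_addr):
    """Turn '0100007F:0277' into ('127.0.0.1', 631)."""
    ip_hex, port_hex = hex_addr.split(":")
    # Assumption: little-endian host (x86/ARM), so the IPv4 bytes appear reversed.
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def listening_sockets(table):
    """Return (ip, port) for every row in LISTEN state."""
    found = []
    for line in table.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) >= 4 and fields[3] == TCP_LISTEN:
            found.append(decode_addr(fields[1]))
    return found


def reachable_ports(listeners):
    """Ports bound to a non-loopback address, i.e. visible to the local network."""
    return sorted({port for ip, port in listeners
                   if not ipaddress.ip_address(ip).is_loopback})


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # live table on Linux
            table = fh.read()
    except OSError:
        table = SAMPLE  # fall back to the constructed sample elsewhere
    for port in reachable_ports(listening_sockets(table)):
        print(f"TCP port {port} accepts connections from other hosts unless a firewall drops them")
```

Sockets bound to 127.0.0.1 (port 631 in the sample) are left out because only the machine itself can reach them; established connections (state `01`) are not listeners and are ignored.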

lmintnewb
Level 7
Posts: 1568
Joined: Fri Apr 01, 2011 5:13 pm

Re: firewall

Post by lmintnewb » Mon Dec 12, 2011 10:50 am

Public service post, got this link from a post by gn2. Looked like a fairly decent overview of gnu/Linux security. Am nothing close to an IT sec guru. Don't even wanna be, too lazy to invest the effort. Thought would go ahead and repost it here, case anyone wants the info.

http://ubuntuforums.org/showthread.php?t=510812

My opinion on the topic of Sec w gnu/Linux. Depends on what you're using your computer for. If you're running servers, admin'ing boxes with user accts, have other services the vast majority of PC users have no reason to ever bother with. Then yeah as mentioned already, yep ... In that case would think a wise Linux user would take more care in hardening their system(s). As in the link gn2 provided.

I don't do any of that stuff, most PC users don't do any of that. Tell the truth, even security with XP ( same applies to other M$ poopware) is not the be afraid be very afraid situation, many people seem to think it is, have some common sense and you're ahead of the game. ie: using a decent firewall, not installing software you found on nunslikeit2.com, keeping critical M$ updates sorta up to date, keep java n flashplayer up to date ( DO NOT use IE, why would anyone want to anyway ?) and various other junk. Admits to knowing a ton more about windows IT sec, than do Linux.

My understanding gnu/Linux is mucho more secure than M$ products ever thought about being anyway. If you're going to do high risk ( and/or stoopid stuff with your gnu/nix pc) Then yep ... might be a good idea to learn a bit about sec. Though in the second case ... there's no cure for stoopid, it's often a life long terminal illness, lol. If someone is bound and determined to infect their comp .. yep, no software is bullet/foolproof.

2 cents on this and some funny, though imo completely true obs about it.
(granted he'll most likely be using some tools designed by pro's in which he inputs the findings on his list, but then again u don't exactly have a hard time finding those nowadays do ya ??)
Such folks are called script kiddies, vast majority of them are either a. Too stoopid, b. Too lazy or c. Both ... Mainly a menace to themselves and/or M$ users who are also a,b , c or d. Don't realize how craptastic M$ is and are unfortunate enough to find out the hard way. Eventually hopefully those poor souls, will hear about gnu/Linux and have a better computing experience.

If your pc became an interest to an uber leet hacker type person, cyber crime ring etc. Then could turn out bad for ya. Though they'd still imo have a much harder time hacking gnu/Linux and why bother when there are so many M$ users in the world who are sitting ducks ? The CIA might break into your house and mess with your PC too. Esp if you happen to be in a Tom Clancy movie or summin. :D

Don't see anything wrong with learning about IT sec if you have the time and interest. Or plan on using your comp for tasks as mentioned elsewhere in this book. Could even see where it'd be a necessary skill ( network admins) or a way to make a good living, if you learned to be good enough, sec audits etc. But for the most part would advise not letting your imagination get the better of ya and turn into a schizophrenic. Be afraid .... be very afraid !!!! boo ! What if da monster under my bed is peeking when I'm entering my PW ... oh noes ! To the batcave !

:D
Last edited by lmintnewb on Tue Dec 13, 2011 1:09 am, edited 1 time in total.

minitrucker
Level 3
Posts: 137
Joined: Thu Oct 20, 2011 12:32 am
Location: Alabama

Re: firewall

Post by minitrucker » Mon Dec 12, 2011 10:00 pm

Don't worry I'm not afraid of anything, really. Although the reason I am now on a Linux box is cuz M$ bit the dust hard (from a virus I'm fairly sure) I understand how much safer and more difficult to crack Linux is. One of the main things is I'm on open networks a lot since I take my comp to school. I'll admit I may be correlating a lil bit of unsafety cuz I was on that very network when M$ failed me so hard. I may be considered somewhere midway on the stoopid list cuz there are certain boards and sites that I like to go to that probly aren't the safest to begin with. But those sites and boards are where I'm learning a lot of the info that I currently have. One of my faves that's not so dangerous is hak5.org but anyway.

I was referring to the fact the testing DL was for M$. I did check out the DNS susceptibility though since that was just a click of a button and wasn't os specific. I only got one bad score off of that list and I plan on figuring how to remedy that. I've also finally DLd Tor.... especially since it came on this month's "Linux Format" CD. And I've already learned at least the terminology of what you were describing with the open ports and browser header info. I'm planning on learning live MAC swapping within the week. I'm just looking for complete anonymity..... well as complete as I can get. I also have one of the liveheaders add ons on my FF, now I just need to get around using what that gives to my advantage/hackers disadvantage.

Oh.... and I was using IE when I was on winderps..... laziness mostly. Plus my not so old comp was already slow and I saw another browser as wasted space then. Now I have 3...

lmintnewb
Level 7
Posts: 1568
Joined: Fri Apr 01, 2011 5:13 pm

Re: firewall

Post by lmintnewb » Tue Dec 13, 2011 1:42 am

Nah ... Mini, doesn't make ya stoop. If ya like learning about something, that's what the net is for. I was tired and mostly clowning around when I posted that stuff above anyway. Though do think that link from gn2 looked pretty good. Looked like the person who wrote it was trying to cover a lot of stuff. As for IE, reason I mentioned it with folks running a m$ os. Really do think it's a real sec concern, internet explorer is both made by M$ and likely the most targeted web browser in the history of the world ... A bad combination when ya think about it.

Nothing wrong with safe than sorry, understand exactly where you're coming from, am coming from windows myself. From what I've seen gnu/Linux users can expect not to have nearly as hard a time with sec and keeping our systems safe from viri with Linux.

minitrucker
Level 3
Posts: 137
Joined: Thu Oct 20, 2011 12:32 am
Location: Alabama

Re: firewall

Post by minitrucker » Tue Dec 13, 2011 3:38 am

right. I learned all that stuff the hard way so far.... especially the IE-derpy combo. I'm actually wondering if I picked something up. I've had a couple of magical reboots, and got booted from some surf session... nothing has ever asked for my admin password though. unless somebody actually knocked me off and completely rebooted my comp remotely to try to get my pw

Inkit
Level 5
Posts: 678
Joined: Fri Jun 25, 2010 4:44 am

Re: firewall

Post by Inkit » Tue Dec 13, 2011 8:43 am

Try installing firestarter. I personally feel it gives you more of a range of options than ufw. It is also very simple to use, and very effective. The default setting is generally good enough for most, where you have all incoming ports closed, but most outgoing ones open.
you can also close this to have only those you want open. This may cause you problems elsewhere, but that's the only way you'll learn. for example I had my setting set to deny all internal broadcasts except from 4 ports for my http, https, and mail. I found that I could not download anything via torrent until I set that port open too. Like I said, nobody ever learnt anything except by making mistakes.

minitrucker
Level 3
Posts: 137
Joined: Thu Oct 20, 2011 12:32 am
Location: Alabama

Re: firewall

Post by minitrucker » Tue Dec 13, 2011 12:45 pm

Thanks Inkit, I'll see what that's about. Everybody has been helpful so far. I love the Mint community!

Also, another peg to put me in ranking on the derper list. I was at Books A Million and a homeless lady wanted to surf ebay on my comp so I had to connect to their privatized wifi which had to make a LAN request for me to use it. For me to allow the request I had to turn ABE off in FF. I can't find the way to turn it back on..... any thoughts or knowledge on herpin my derp?

Inkit
Level 5
Posts: 678
Joined: Fri Jun 25, 2010 4:44 am

Re: firewall

Post by Inkit » Tue Dec 13, 2011 8:03 pm

ABE is part of noscript, so check your addons to see if it is enabled. If it is, you can check the settings to enable ABE there.

minitrucker
Level 3
Posts: 137
Joined: Thu Oct 20, 2011 12:32 am
Location: Alabama

Re: firewall

Post by minitrucker » Wed Dec 14, 2011 3:40 am

ah. didn't realize he was part of noscript. thanks
