Firewall settings help for noob [resolved, thanks]

Questions about Wi-Fi and other network devices, file sharing, firewalls, connection sharing etc
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
Huh?

Firewall settings help for noob [resolved, thanks]

Post by Huh? »

Hi,
I just got on my windows network by changing firewall settings by going to Administration-firewall configuration. What I did was changed the "by default" setting from "deny" to "allow", I clicked "add" and set it to "deny" from all the listed programs (amule, deluge, nicotine, transmission and vuse). So great, my network is working.

My question is (for a total noob, and in a language I can understand) what are good settings for my firewall? I use P2P software, internet, email, instant messaging, download by http not ftp, etc.

I'm talking Linux Mint 7 here. I've never even touched Linux till this weekend. Gloria and I aren't speaking the same language here. I speak windows, she speaks Linux...I really hope our relationship works out...I mean, she's pretty and sweet.
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
DrHu

Re: Firewall settings help for noob

Post by DrHu »

Huh? wrote:What I did was changed the "by default" setting from "deny" to "allow", I clicked "add" and set it to "deny" from all the listed programs (amule, deluge, nicotine, transmission and vuse). So great, my network is working My question is (for a total noob, and in a language I can understand) what are good settings for my firewall? I use P2P software, internet, email, instant messaging, download by http not ftp, etc
What I did was changed the "by default" setting from "deny" to "allow", I clicked "add" and set it to "deny" from all the listed programs
Sorry I don't know what you chose, deny or allow, based on that sentence ??

If you use all that, all the time, then setting the router to allow traffic for those services is the best you can do

You might decide that you need more than one profile for the network connection
  • Full firewall
    --restrict everything except http, https (normal web services)
  • Game
    --punch through traffic for game port #, they will tell you which port # is needed
  • Some custom setting
The point being..
http://gufw.tuxfamily.org/index.html
http://www.techotopia.com/index.php/Usi ... x_Firewall
--or any gui firewall manager you choose, such as firestarter
Unless you need or use gaming servers or otherwise need to open ports to allow specific network traffic into your system; the default firewall setup of deny all incoming connections except web services, port # 80 is the proper and safest choice.
altair4
Level 20
Level 20
Posts: 11427
Joined: Tue Feb 03, 2009 10:27 am

Re: Firewall settings help for noob

Post by altair4 »

I'm going to avoid answering your question directly because I don't "use" a firewall - I'm putting "use" in quotes on purpose. Without doing anything from Administration-firewall configuration you are already running behind a firewall - possibly 2:

If you're running a home network behind a router, then the router itself is a firewall:
The following explains how a router acts as a firewall: http://www.grc.com/nat/nat.htm
A NAT Router's Inherent Security
Although NAT routers are not generally purchased for their security benefits, all NAT routers inherently function as very effective hardware firewalls (with a few caveats examined below). As a hardware firewall they prevent "unsolicited", unexpected, unwanted, and potentially annoying or dangerous traffic from the public Internet from passing through the router and entering the user's private LAN network.

The reason they do this is very simple: With multiple "internal" computers on the LAN behind the router, the router must know which internal computer should receive each incoming packet of data. Since ALL incoming packets of data have the same IP address (the single IP address of the router), the only way the router knows which computer should receive the incoming packet is if one of the internal computers on the private LAN FIRST sent data packets out to the source of the returning packets.
If you don't beleive that this is true go to the ShieldUp Website to check your security level
https://www.grc.com/x/ne.dll?bh0bkyd2
Look at the ip address that it's probing - it's the public ip address of the router not the machine behind the router.

Second, the Mint "firewall" is already active by default:
http://forums.linuxmint.com/viewtopic.p ... 780#p66017 From Fred:
Iptables controls the ports. It is a part of the port system and is always active, as long as the system is running. Iptables is as close to a Windows "firewall" as you get in Linux. In Windows, the firewall is not a part of the system infrastructure, but an add-on afterthought.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Huh?

Re: Firewall settings help for noob

Post by Huh? »

Thanks for the help. I'll give firestarter a try. I don't keep anything important on my Linux partition (yet) till I know what I'm doing with Linux, but I don't want to have "loose" firewall settings.
Thanks for the suggestions.
Locked

Return to “Networking”