Linux like other OS doesn't escape the rule, it needs to be protected against attacks and intrusion, so better equip your system with firewall before getting connected to the internet. A good exam[le of this kind of software is namely The Shorewall (it provide a direct access through thedrakfirewall using the console mode root).
drakfirewall:A small tool allowing you to set up a basic firewall on your system.
shorewall is default to Mandriva distribution.
Checking if service is enabled at startup
You must be aware by now GNU / Linux services are called daemons...Below you shall be provided, the necessary steps to set up your firewall.
Go toMandriva Linux Control Center (root password required)
In the System tab, select theEnable or disable system services option and search for the shorewall daemon.
Note that it is crucial that this service should be defined as active and checked at startup.
The next step is to access the configuration panel of your firewall( configure your settings):-)
Open a root user console and type in <gras>drakfirewall to access the Mandriva Linux Control Center
From there to the Security tab
Click on: Setting up a personal firewall to protect the computer,
Don't forget to uncheck the boxes that disable you firewall at startup.
Enter your preferences
After the steps below,you will be provided with the multiple options and features,you may want to add to your firewall settings. These are discussed below:
The options you better check:
Web Server: Important when hosting a website or a blog.
Server name domain: Verify if association of network machine name to an IP address is allowed by your system.
SSH Server: Secure connection to another machine (remote access) is allowed.
FTP server: FTP transfers will not be secured, your username and password can be easily retrieved.
POP and IMAP Server: In the case that your computer acts solely as a mail server.
Windows File Sharing:If you installed Samba server, that will be connected with Windows based systems. If the machine is directly connected to the Web,better disable this feature.
Server Cups:For print sharing in local network, enable it.If the machine is directly connected to the Web,better disable this feature.
Echo Request (ping): Just ping to see whether a machine exists at the end of an IP address.If response is +ve, then check.
Handling BitTorrent Transfer Clicking the Advanced button (bottom of the window), you can refine the settings.
You must actually access it to add permissions( Necessary to enable BitTorrent transfer).
E.g If you want to add the TCPports 6881 to 6889 . Simply enter 6881:6889 / tcp. If in addition you want to add TCP port 8080, it will be
6881:6889/tcp 8080/tcp. Which you have included:
- 6881:6889 for ports 6881 to 6889 - / Or tcp/udp as the case directly attached to the port number
- A space between two different ports.
Mandriva is a frequently used BitTorrent protocol. Let's see this tip
- Allowed port 6881 to TCP 6889 by the Advanced button.
This gives 6881:6889/tcp - Then, edit the file /etc/services root user.
E.g using profile: Username
Username/etc/services - After a search of this file (Edit menu/ search), it was found that no permission required for BitTorrents ports 6881 to 6889.
- You can add the following lines