simvin76 Tux's lil' helper
Joined: 05 Oct 2005 Posts: 96
|
Posted: Sat Feb 18, 2006 2:46 pm Post subject: Why use a firewall? |
|
|
Hello
I have a box running chrooted bind, sendmail, uw-imap, apache and ssh.
Why should I run a firewall? The firewall would accept communication to these services, blocking all else.
Without a firewall, anything sent to an unused port would be dropped?
On the forum it is generally said that you should have a firewall. What have I missed? I only use services I need and I have configured those to the best of my abilities.
/Simon |
|
biznatch Apprentice
Joined: 23 Jul 2004 Posts: 220 Location: Wichita, KS
|
Posted: Sat Feb 18, 2006 2:57 pm Post subject: |
|
|
An IPTables firewall can help prevent DoS and other types of attacks (if you use the right rule set). You can also use it to blacklist hosts/networks that try to attack you... Because believe me, if you put a Linux box directly on the internet, someone is going to attack you.
The firewall also gives you some pretty cool logging and rate limiting capabilities.
Disclaimer: I have never set up an IPTables firewall, but from what I have read about it, you can do all this and much more.
_________________
While you're waiting for your post to be answered, please help with unanswered posts.
Last edited by biznatch on Sat Feb 18, 2006 2:59 pm; edited 2 times in total |
|
sloof3 Tux's lil' helper
Joined: 09 Sep 2004 Posts: 75
|
Posted: Sat Feb 18, 2006 2:57 pm Post subject: |
|
|
For services like SSH you might want to restrict where you can connect from since it's a service aimed to give people a shell on your system. I know OpenSSH has the capability to only allow connections from certain IP addresses but a firewall could make it appear that the service doesn't exist at all to IPs you haven't explicitly allowed. Which is good in case (rather when) someone tries to run a brute-force common username/password attack. For the other services you can set rate limiting with IPtables. Another benefit would be for you to know exactly what traffic would get through the firewall since you could configure it for only the services you want. Which prevents accidental services from being exposed to the internet.
--sloof3 |
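
The points made in the replies above (SSH reachable only from chosen addresses, rate limiting for the public services, default-deny so an accidentally started service is not exposed), as an added example that is not part of any post in the thread: a shell function that prints an iptables-restore ruleset for the services the original poster lists. The port numbers, rate values and the two sample admin sources (documentation addresses) are assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the box in the thread.
# Assumptions: default service ports, the rate values, and the sample admin
# sources at the bottom (RFC 5737 documentation addresses, constructed).

gen_ruleset() {
    # $@ = source addresses/networks allowed to open SSH sessions.
    # Refuse an empty list: it would lock every admin out of SSH.
    [ "$#" -ge 1 ] || { echo "need at least one SSH source" >&2; return 1; }

    echo '*filter'
    # Default-deny inbound: a service started by accident stays unreachable.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate INVALID -j DROP'

    # SSH: only listed sources match; others fall through to the DROP
    # policy and get no reply, so the port does not look open to them.
    for src in "$@"; do
        echo "-A INPUT -p tcp --dport 22 -s $src -m conntrack --ctstate NEW -j ACCEPT"
    done

    # DNS queries over UDP (bind).
    echo '-A INPUT -p udp --dport 53 -j ACCEPT'

    # Public TCP services (bind, sendmail, apache, uw-imap): accept new
    # connections up to a per-source rate; the excess is not accepted here.
    for port in 53 25 80 143; do
        echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW" \
             "-m hashlimit --hashlimit-name svc$port --hashlimit-mode srcip" \
             "--hashlimit-upto 20/second --hashlimit-burst 40 -j ACCEPT"
    done

    # Log a sample of what is about to be dropped, without flooding syslog.
    echo '-A INPUT -m limit --limit 5/minute -j LOG --log-prefix "fw-drop: "'
    echo 'COMMIT'
}

# Print the ruleset for two constructed admin sources. To check the syntax
# without loading it: gen_ruleset ... | iptables-restore --test
gen_ruleset 192.0.2.0/24 198.51.100.7
```

Connections beyond the per-source rate and anything sent to a port not listed here reach the LOG rule and then the DROP policy, which is where the logging and "accidental service" points from the replies show up.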
|