Hi guys,
I was previously running the SuSE firewall along with Squid as an HTTP proxy on my 9.3 Box. The problem with this setup was that the client machines have access only to HTTP and HTTPS. I couldn't get FTP, POP, SMTP and a host of other protocols to work on my client machines.
So, a friend just came across Firestarter (http://www.fs-security.com). I installed it this morning and it works like a charm. EVERYTHING works on the clients....as if they were connected to the internet themselves. There is absolutley no configuration on the client side. Its a very nice firewall/proxy....and from what I've read, its just a GUI for the iptables which comes with Linux 2.6 kernel.
What I need to know...does anybody know how secure Firestarter is? Am I any better/worse than using the SuSE firewall along with Squid? Is anybody out there using Firestarter?
Thanks
How secure is Firestarter?
Why don't you PuTTY or ssh into an external server and check your firewall from the outside?
From the external servers command line run the following: nmap -v -o ***.***.***.*** (the stars being your IP). It'll tell you exactly which ports are open and even rate the difficulty level involved in hacking the server!!)
nmap is normally installed on SuSE machines by default if mem serves correct!
From the external servers command line run the following: nmap -v -o ***.***.***.*** (the stars being your IP). It'll tell you exactly which ports are open and even rate the difficulty level involved in hacking the server!!)
nmap is normally installed on SuSE machines by default if mem serves correct!
Friggs --> Once again, thanks for the advice! Sounds really interesting. I did'nt know about nmap...and just installed it on the SuSE server at work.
My problem is, I want to check the vulnerability of the SuSE machine, which means I need to check it from one of our production boxes...and those machines are all AIX boxes (I dont have root access). Also, they dont have nmap installed on them.
I will mess with this a bit at home...its the security of my SuSE box at home I'm more concerned about..
Thanks Friggs....
My problem is, I want to check the vulnerability of the SuSE machine, which means I need to check it from one of our production boxes...and those machines are all AIX boxes (I dont have root access). Also, they dont have nmap installed on them.
I will mess with this a bit at home...its the security of my SuSE box at home I'm more concerned about..
Thanks Friggs....
