Setting up a Firewall

• admin


• 21 Mar 2007

Sometime back we have covered the basic installation of a Wireless Router for networking a few computers. This time we will explore the actual setting up of a simple but effective Firewall and Internet Connection Sharing for a number of computers.

Windows Internet Connection Sharing (ICS) :
If you want to connect one computer which has access to the Internet to other computers in a local network, sharing the internet connection, you need an extra Network Interface Card (NIC) and you need to enable ICS in your primary computer. This would automatically set the local network card IP address to 192.168.0.1 and allow you to share the internet connection for all machines in the range 192.168.0.2 to 192.168.0.255 .

If your network address is not compatible with this range, or if you have Virtual Private Networking (VPN) then this option is not suitable. You will be better off with a dedicated Hardware Router or what we propose here: – Linux Firewall and Router. In fact you will find hundreds if not in thousands of pages of content about Linux firewalls and software routers running from a modestly equipped box.

Most hardware firewalls and routers come equipped with standard protection against Denial of Service (DoS) attacks and offer network reliability through Stateful Packet Inspection (SPI). Still a well designed software firewall adds the extra feature of scalability and flexibility unmatched by the hardware equivalents.

Besides extended logging allows one to enhanced monitoring for attacks. Intrusion detection is easier with this.

It must be said in bold that a firewall is the first step in your Network security. It is not a complete solution to your Network security. It does not work in isolation. You must have a complete comprehensive security policy involving effective monitoring and intrusion detection.

Simply put, a firewall examines the incoming packets and outgoing packets on specific open ports, and applies a set of pre-defined rules to determine whether an individual packet should be permitted. These rules can be based on allowable originating and destination hosts, ports, packet header information, or any combination of these factors.

Linux, as always comes with many security features in-built including a Firewall. Ipchains with a set of configuration files in Iptables is standard for most distros of Linux. Netfilter offers a set of loadable kernel modules that extends the firewalling capabilities of Linux to allow session-based packet examination.
Linux Kernel with the added features of firewalling through Netfilter has made network security easy to manage.

We will start with Firestarter – a GUI tool to control Netfilter from GNOME. It is simplicity itself. It says in its cute help page : “An all-in-one Linux firewall utility for GNOME”.

Get Firestarter from here: http://www.fs-security.com/

Its features include:

• • Easy to use graphical interface
  • Has a Wizard mode to get up and running in a few seconds
  • Allows Internet Connection Sharing
  • Option to whitelist and blacklist traffic
  • Set up a Dynamic Host Configuration Protocol (DHCP) for the local network ( this is not built-in but uses the system’s dhcpd)
  • Has an advanced kernel tuning Feature
  • Supports Linux Kernels 2.4 and 2.6
  • Ability to hook up user defined scripts or rule sets before or after firewall activation
  • View active network connections, including any traffic routed through the firewall

We will come back with the installation and setting up in the second part.

See more