Quoting Roberto Sanchez <[EMAIL PROTECTED]>: > > I am planning on getting DSL in the near future, so I have been considering > what to do about a firewall. > > My intended setup is like this: > > www -> DSL modem -> cable/DSL router w/ hardware FW -> small LAN > > However, I would still like to have a firewall on each individual machine. > I downloaded firestarter on one machine and played around with it some. > But I'm not sure if that is the best tool. I basically want to block all > incoming traffic except for SSH and DHCP (so I can get an IP address from > the router). This setup seemed pretty easy with the little wizard that is > included. I also need to be able to print across my local network. > > I tried out several services (telnet, ftp, and http) and it blocked those > requests, but I am not sure how indicative that is of the security level. > I also tried ssh and that worked fine. >
On the LAN, try nmap and Nessus. From the Internet, www.grc.com and www.vulnerabilities.org. The former is the Web site for Steve Gibson, a controversial figure. His Shields Up! scan is Window-centric, but a decent starting point. The latter URL is basically a Nessus scan. It's good, but may point vulnerabilities that you do not have. E.g., it sometimes assumes which daemon you are running on a given port. It flagged a Sendmail vulnerability. I have run several different MTAs on port 25, but never Sendmail. HTH, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
