Windows Firewall Notifier is a third party program for Windows 7 and Vista that improves the handling of the firewall in this regard. When you first start the firewall notifier it performs a series of actions.

The program enables the Windows Firewall if it is not enabled on the system. Once enabled, it will block all inbound and outbound connections for which no firewall rules exist. It then enables Windows firewall inbound connection notifications and outbound connections logging if disabled.

A task is then created in the Windows Task Scheduler that is linked to Windows firewall event log entries. This will basically launch Windows Firewall Notifier whenever an inbound or outbound connection for which no rule exist is blocked.

Configuring the program to run as a task means that it will not run in the background all the time. The Task Scheduler will launch the firewall notifier whenever the system tries to make a connection that is not listed under allowed or blocked connections. The following dialog is then displayed on the screen giving the Windows user options to allow or block the connection.

The notification lists the application’s name, system path and target IP or hostname. Buttons are available to allow or block the connection once, or to allow or block it always.

The program will make the selected changes to the firewall configuration before it closes down again. Users who want to uninstall the firewall software again need to run it again. A dialog to disable it is then presented on screen.

Windows Firewall Notifier is a handy program for Windows Vista and Windows 7 users who make use of the built-in firewall. The program, compatible with both 32-bit and 64-bit editions of supported Windows operating systems, is available for download at the developer website. (via)

I usually start with the game requirements. You find them in the manual, in a faq or readme on the CD, or on the developer homepage usually. A search for “game name ports” should be enough to bring up websites where the ports are listed. Ports? It would be way to technical to write everything there is to know about ports. Think of them as doors to your computer. Doors can be closed from both sides, or only from one side. Incoming traffic is usually allowed, while outgoing traffic is limited. Network traffic can utilize many different ports. Some are standardized, like port 21 for ftp connections, some are not and game dependent.

Once you have the ports, you need to check if and how they are blocked. There are basically two possibilities here. It is possible that software running on the PC is blocking the traffic. The most common software is a firewall that controls the traffic. The second possibility is hardware based, a router, hardware firewall or computer the traffic is routed through. Depending on your access level, you may have access to all configurations, to some, or none at all.

Hardware Connection Issues

Lets assume it is your home network and that you have full access to all devices and programs. It does not really matter if you start to check your hardware or software options first. I usually start with the hardware. Check the manual of the device, e.g. a router manual, to find out how you can access the devices configuration. It is either an IP address that you need to type in your favorite web browser or a domain name that is only locally valid.

I have to enter speedport.ip to open the admin interface of my Speedport W 920V router. You are usually asked to enter the admin password at this point. You find it on the router or in the router manual usually. If not, search the Internet for “device name default password” or “device admin password”.

While you are at it. Check the manual to find out how you configure ports in the device. On my device, I have to click on the Network entry, and then on NAT and Port rules to get there.

Make sure you add enable all ports that are required to play or host the game.

Try playing or hosting the game once you setup the ports. If it works, congratulations and lots of fun playing the game. If not, you may have a software firewall or other device that is blocking the traffic.

Software Connection Diagnostics

The sheer mass of firewall and security solutions makes that part difficulty. It can even happen that you have two different firewalls enabled, the Windows Firewall which ships with the operating system, and a second firewall that you have installed manually.

Lets look at Windows Firewall as this is probably the most common software firewall installed these days. Click the start button and select Control Panel from the start menu. Select System and Security, and in that menu Windows Firewall.

Windows displays the status of the firewall. If you see Connected, the firewall is active. If both are set to not connected, then the firewall is not active. You then need to check your system to see if another security program is running that controls the network traffic.

If it is on, you need to click on the “Allow a program or feature through Windows Firewall” to see the access rights of the program or game you want to use. Windows displays a list of programs that are allowed to connect to the Internet. Look for the application or game in the list. If it is not there, add it with a click on Change Settings and another click on Allow another program.

Select the program from the list or click the browse button to add a program or game that is not listed there. A click on the add button in the same configuration menu adds the new program to the list. You can try to connect to multiplayer games or host games.

You can use software to check for open ports. Online tools such as Can You See Me, Port Check or Port Forward can help you check specific ports on a computer system.

Did I miss something? Let me know in the comments.

It is often a good idea to simply test the firewall for open ports. You see, ports are used for connections and only open ports can be used to connect to the PC. Common ports are port 80 for http connections (that’s web traffic using a browser usually) or port 21 for ftp connections. It does not make sense to have port 21 open if no ftp server is operated on the computer.

Shields UP is a free Internet service that can test ports on the local system. Users just need to open the https://www.grc.com/x/ne.dll?bh0bkyd2 url in their web browser to load the configuration window.

From there is it just a matter of clicking on one of the available tests to run it.

The first three available tests are probably the most interesting. File Sharing tests for open file sharing ports, Common Ports the most common, popular and targeted ports, and all services ports the first 1056 ports of the system.

Each port is reported back as open, closed or stealthy. Open means that the port is accessible, closed that is is not and stealthy that they are blocked somewhere between the computer and the Internet, for instance by a router.

It is then up to the user to interpretate the results, the information posted on the test website offer a good starting point.

To that end, I offer up five tips that will ensure that Ubuntu Linux desktop is safe and secure. These tips are all such that any level of end user can undertake them without having to take classes in PCs or Linux administration.

Use solid passwords

As of 2010, the most common passwords used are:

1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123

It should be obvious that anyone and everyone must avoid using the above passwords. What is not so obvious is how most users ignore the pleas of software manufacturers, administrators, and everyone in between to use secure, unique passwords. Even though the Linux operating system is a solid environment, you are not exempt from this. Because Linux is a multi-user OS every user should have a very unique password. These passwords should follow the standard requirements:

• Upper and lowercase letters.
• Include a number.
• Include special characters such as #,!,$.

Use more than one username

Linux is a mult-user OS. If you have more than one user on your system, make sure that each and every user has a log in. Unless dictated by need, do not have a general user account that everyone uses. If you use a single account, everyone will have access to each users’ data. To set up new user accounts click on System > Adminster > Users And Groups to take advantage of the user-friendly GUI tool.

Update your software

There is a reason updates occur. In many instances, those updates are often security driven. Because of this, you will not want to make a habit of ignoring updates. You will know, right away, when an update is available as it will appear in your notification area. When this happens, click on the icon, enter your sudo password, and allow the updates to complete.

Install a firewall

Just because you are using the Linux operating system, doesn’t mean you are immune to hacks and attacks. It’s always better to err on the side of safety by adding a firewall on top of your system. To do this, open the Ubuntu Software Center, search for “firewall” (no quotes), and install the firewall tool that best suits your needs (GUFW is a good choice).

Lock your screen/no auto login

This is something I always set. When your screensaver starts up, by default the behavior is to lock the screen. Do not disable this behavior as it opens up your desktop to nefarious behavior when you are away from your desktop. In the same vein, you should also not enable the auto login feature. Yes, it is quicker when starting up your machine and less of a hassle than having to enter a password – but auto-login is nothing more than inviting users other than you to get into your files and view files they shouldn’t view.

Add ‘em up

If you follow those simple tips your Ubuntu (or any Linux desktop) will be much safer than it would be if you ignored them. These tips can also, for the most part, apply to just about any operating system. The key is to use your computer intelligently to help avoid attacks of various types.

The first thing that we should make sure before we go ahead and repair the Windows Firewall is to verify that it is indeed turned on and running. To do that open the Windows Control Panel by clicking on the Start Orb in the lower left corner and then on the Control Panel link there.

Depending on the layout of the control Panel users find the Windows Firewall in the Security group, it is named Windows Firewall.

This opens a Control Panel applet. Locate the link Turn Windows Firewall on or off in the left sidebar and click it. The shield icon in front indicates that this requires elevated privileges.

The next screen indicates if the Windows Firewall is turned on in private networks and public network locations.

Third party security suites often recommend to turn off the Windows Firewall to avoid conflicts with their firewall. Make sure you only turn on the firewall if there is no other firewall running.

If the Control Panel applet is not displaying options to turn on or off the firewall, it may be because the Windows Firewall service is not running on the system.

To verify if it is running press Ctrl-R on the keyboard, enter services.msc and hit enter. This opens the Services configuration window. Locate Windows Firewall in the list of services and make sure it says it is Started. Check the Startup Type if it is not. The firewall service needs to be set to automatic startup. The startup type can be changed by double-clicking the entry and selecting Automatic from the list of available startup types.

Lets say you have checked that the Windows Firewall is turned on and running in the system. What if you experience problems related to it? Or, even worse, what if you cannot enable the Windows Firewall.

Repair WMI & Windows Firewall has been designed to repair problems associated with the Windows Firewall.

While helping people with their port forwarding I have found that if the Windows Firewall (which uses WMI) is broken then port forwarding will not work. And also other problems can happen with programs and networking.I made this app to simplify the process for users to get WMI and the Firewall working again.

What does it do? It seems to do a few things, like making sure the Windows Firewall Registry settings are there, or that all dlls and exes are registered on the system.

To use it, users simply press the Start button and wait until the process completes. The program needs to be started with elevated rights, to do that right-click it and select to run as an administrator. The program is available for download at the developer website.

In this article I will introduce you to the Fedora firewall tool and show you how to secure your Linux distribution quickly and reliably.

Two ways to success

There are two ways to configure the firewall tool to meet your needs. The first method is manually. You can decide what to leave open and what to close up. The other method is with the help of a very easy to use Wizard. What these choices do is allow the system to be useful for both new and seasoned users alike.

What I really like about this tool is that it doesn’t take anything for granted. It allows you decide what interfaces, services, ports are all trusted; it allows you to create your own custom rules, do port forwarding, and masquerading. This tool is pretty fantastic and will keep your desktop secure. Now, let’s see how this thing works.

The Wizard

Figure 1

The Wizard is where every new user should start. But before you get to the Wizard you actually have to start the tool. To do this click System > Administration > Firewall and the main window will open. From this main window click on the Wizard button to begin the process of creating your firewall.

The steps of the Wizard are as follows:

Step 1: Welcome screen (just click Foward).

Step 2: Select the system you ahve (System with Network access or system without network access).

Step 3: User skill level (Beginner or Expert).

Step 4: Configuration (Desktop or Server).

After you have completed the Wizard click the Apply button on the main window to complete the process. This will clear your current firewall and apply the settings the Wizard has created. Only problem? The wizard really didn’t do much as far as customization for your needs. In order to really customize your firewall you have to step outside the boundaries of the wizard. Let’s do that.

If you look at the main window you can see there is a number of options you can select. If you find the only option in the left pane that is available is Trusted Services, that means you have selected Beginner level. In order to access the other features (Other Ports, Trusted Interfaces, etc) you will have to set yourself up as an Expert by clicking Options > User Skill Level > Expert. Once you have done that all the other options will be available.

At this point you simply need to walk through all of the possible options and select the following:

• Trusted Services: Which services do you want to be made available to hosts and networks.
• Other Ports: Here you can open up any port listed in /etc/services.
• Trusted Interfaces: If you have more than one NIC on your machine this will be especially handy. Define internal and external network interfaces and refine what each has open.
• Masquerading: Need to hide an entire range of private IP address behind a single public address? You might need to configure masquerading.
• Port Forwarding: If you need to configure the host machine to forward a port request to another machine, this is where you do it.
• ICMP Filter: Here you configure error messages between computers. You can block things like ping requests here.
• Custom Rules: This is where you can add your very own custom rules to your firewall. We will discuss this further in another article.

Once you have made any changes make sure you click the Apply button in order to apply the changes.

Final thoughts

That’s pretty much the gist of the Fedora Firewall tool. We will take this further soon with an article on creating your own customized rules with this tool. Until then, enjoy hardening your Fedora box with this easy to use firewall tool.

In this article you will learn some very simple steps you can take to help make your Linux desktop a bit more secure than “out of the box”. These steps can be done by any level of user, so don’t think you will be doing any recompiling or creating iptables chains.

No auto login

When you first install many distros, you will be asked if you want your user to auto login. This is a bad idea if you are in an environment you can’t fully trust. If there are other users around, you do not want them using your account. To help avoid this disable auto login. On the GNOME desktop go to System >Administration > Login Screen. When the Login Screen Settings window opens follow these steps:

• Click the Unlock button.
• Enter your password when prompted.
• Check the Show the screen for choosing who will log in.
• Click Close.

Now when you are done using your desktop log out. The only way to get back in will be to log in.

Encrypt your ~/ directory

During installation many distributions give you the option of encrypting your ~/ directory. This will give you an added means of security – especially if your machine is stolen. With the ~/ directory being encrypted, even when the thief can not log into your user account, they will not be able to read your encrypted directory without the decryption key. That makes for some fairly safe data.

Don’t run unnecessary services

There are certain services you may not need on your machine. Some services can lead to a less-than-secure environment. Instead of allowing these services to continue running, stop them at boot time. Each distribution handles this differently. You can see how different distributions handle this in my article “Starting services at boot in Linux“. Shut down those unwanted services and gain a bit more security.

Run a simple firewall

Don’t bother getting too complicated with your desktop firewall. But if you are really paranoid, employ a simple tool like ufw (Uncomplicated Fire Wall). In Ubuntu ufw is installed by default. You can start it like so (from the command line):

sudo ufw enable

You can disable it like so:

sudo ufw disable

Install rkhunter

Root kits are a danger to any operating system. You will want to install a tool to check for root kits the minute your operating system is up and running. The best (and easiest) root kit tool is rkhunter. For information on installing and using rkhunter, read my article “Check for root kits with rkhunter“.

Shut down that P2P

I use P2P tools. But when I am done searching (and/or downloading) I shut that tool down. Why? Unwanted access. There is no real reason to leave your machine open to unknown users. So instead of leaving that P2P tool open for business, shut it down.

Careful with 666 and 777

When you chmod a file (or directory) use caution when given them either 666 or 777 file permissions (rw-rw-rw- and rwxrwxrwx respectively). This is especially true on a file (or directory) containing sensitive data. For those files either only allow read access to group and other or encrypt the file so only those with the encryption key have access. Using either 666 and/or 777 without careful thought is reckless on a Linux machine and can lead to security issues.

Final thoughts

There are so many more tips you can go through – some of which might seem common sense to many – that can lead to a more secure environment. But the most important tip I can give to you is to think before you execute. Don’t just randomly do something without knowing the end results first. In the case of security the old Benjamin Franklin quote “An ounce of prevention is worth a pound of cure.” holds very true.

The Installation of Panda Internet Security 2010 is wizard based with options to install a minimal, standard or custom version of the product. Depending on the choice made by the user the program will scan the computer memory and hard drive during installation. The program requires one restart after installation and it is highly recommended to uninstall any security software that might interfere with Internet Security 2010 before starting the installation.

Panda Internet Security will display the following interface after the system restart. Green lights indicate working and functional modules while red lights would indicate that a module is either not working properly or disabled.

Internet Security 2010 will automatically display a warning on top notifying the user that the software needs to be updated over the Internet. This will update the software to the latest version and should be the first thing a user does after the first startup.

The PC security software itself is dominated by two main areas: The tab bar on top and the links in the center that point to the various modules like firewall or antivirus.

The five tabs Status, Scan, Report, Quarantine and Services on top switch to other parts of the user interface.

Status: Displays scan statistics as well as the status of all modules of the antivirus firewall software with options to change settings by clicking on one of the modules or the settings link.

Scan: The user can perform manual scans in the Scan section. This ranges from scanning the computer, to hard disks, email, other items and detecting vulnerabilities.

Report: Will display event reports and statistics

Quarantine: The list of files that have been added to the quarantine.

Services: Option to create rescue disks, contact technical support, send suggestions or suspicious files.

Settings and the individual modules on the status page link to the configuration settings of the program. Each links to a help file which can aid the user in understanding the individual settings that can be changed. There is also always one global checkbox that can enable or disable a module immediately.

The settings are extensive. If you open the firewall protection settings for instance you notice three setting buttons for rules and one for networks and wi-fi. The three rules button configure the programs that are allowed to access the Internet or network, enable or disable Windows services and to specify ports, addresses and protocols that are allowed or disallowed on the computer.

Speaking of firewall controls. Panda offers a smart configuration mode for the firewall which will then automatically control the network traffic. Some security programs use very strict firewall settings that leave the user with no choice but to manually add programs to the list of allowed programs. Panda makes this almost unnecessary as we did not experience issues with any of the programs that we used to connect to the Internet.

List of Panda Internet Security 2010 modules:

• Anti-Malware Protection
• Advanced Proactive Protection
• Personal Firewall
• Anti-Rootkit Technology
• Anti-Phishing Filter
• Anti-Banking Trojan Engine
• Web Filter
• Personal Information Filter
• Anti-Spam Filter
• Parental Control
• Backup & Restore

The main changes to last year’s version are a stronger focus on the Collective Intelligence technology. You might have read about it when we reviewed Panda Cloud Antivirus. Collective Intelligence “works as an online, real-time database that stores the majority of signature files, keeping them at a minimum on the endpoint”. This has a measurable effect on the program’s computer resource usage.

Collective Intelligence was integrated into the last version, but Panda has refined the technology considerably in the past year. Internet Security – and Panda’s other 2010 retail products, for that matter – boast an 80% improvement in performance against previous versions; because signature files are shared in the cloud, the products take up considerably less memory. Panda’s baking Collective Intelligence across all of its products (most visibly with its free Cloud Antivirus, which they launched a few months back) and the technology has really become the company’s core differentiator in the past year.

The second addition is a USB vaccine technology which can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically.

Interested users can take a look a the program’s page over at Panda Security to find additional information about improvements and technical requirements of the Internet Security suite.

Christmas Giveaway:

We have ten licenses for Panda Internet Security 2010. Just reply with a comment to this article and let us know what you are currently using to protect your PC for a chance to win a 1-year 3-user license of Panda Internet Security 2010.

Raju over at TechPP is giving away Cyberlink Power Director 8 today, make sure to check out his giveaway as well.

The forum announcement of Zonealarm 9.1 links to a download page at the Zonealarm website where users can download that version of the free software firewall. Major changes in Zonealarm 9.1 include full Windows 7 compatibility and a new browser security toolbar that detects spy sites, offers website safety checks and ratings as well as a signature and heuristic phishing detection.

The direct download link for Zonealarm 9.1 can be accessed here. Zonealarm users who are running an earlier version of the Zonealarm firewall are asked to uninstall that version before they start installation of Zonealarm 9.1. Best way to do so is to remove Zonealarm from the list of Windows startup items by going to Overview> Preferences > General > Load ZoneAlarm at startup.

It also has to be noted that Zonealarm 9.1 should be run as the only software firewall on the computer system. It is therefor highly recommended to uninstall other software firewalls and to disable Windows firewall to ensure that the firewall protects the PC properly. Zonealarm 9.1 is compatible with both 32-bit and 64-bit editions of Windows 7 and previous Windows operating systems. (Thanks Dante for the tip).

The Check Point ZoneAlarm Pro promotion represents a $40 value and includes a full year license for up to three PCs. It is limited to only one download per new customer.

Features of Zonealarm Pro Firewall 2010:

• Advanced Download – Analyzes browser downloads in three unique ways before they can infect your PC and warns if they are malicious.
• Free Credit Bureau – Protects your identity with daily credit report monitoring and provides victim recovery services.
• Complimentary and Compatible – Works well with other free and paid (non-firewall) security products, such as AVG and Norton Antivirus.
• Automatic Program Control – See less alerts than with ZoneAlarm Free Firewall.
• OSFirewall™ – Monitors changes within your computer to spot and stop new attacks that bypass traditional anti-virus protection.
• Anti-phishing and Site Status – Blocks fraudulent websites including “phishing” sites that trick you into entering personal data.
• Two-way Firewall – Keeps hackers out by making your PC invisible online and blocking intrusions.

Additional information about the firewall are available at the Zonealarm website.

Update: Users need to add credit card information for “verification” purposes. Check Point is setting the subscription to automatically renew after a year which can be changed in the use profile on the website.

When you spend a lot of time creating and administering the web/mail server combination, it’s always good to have a solution that is easy to put in place. I have found one that I have used for a while now and trust its security and ease of use. This “system” uses a fairly complex iptables script that has just a single line that you will need to modify in order to have sound security for a web/mail server that serves up web pages via Apache on port 80 and mail via SMTP on port 25 and IMAP via port 143. Included in this script is the inclusion of port 25 for secure shell access.

You will be surprised how simple this script is to use. I have uploaded the script to a pastebin site which you can access using this address. Copy that script to your Linux server (for the sake of simplicity save it in ~/scripts, which you will create) and you are ready to set the system up.

Configuration

The only line you need to configure (unless you need to change the networking device name and/or want to include extra ports or remove ports from the script) is line 8. This line looks like:

SCRIPT_DIR="/PATH/TO/DIRECTORY"

What you want to have there is the location that will be filled with any IP address blocked by the firewall. For the purposes of this tutorial it will be saved in ~/scripts.

Once you have that edited you can save the file and call it start_iptables.sh. Now give the file executable permission with the command:

chmod u+x start_iptables.sh

Now create a new file called stop_iptables.sh. The contents of that file will be:

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

Make that file executable with the command:

chmod u+x stop_iptables.sh

The former script will start your firewall, the latter script will stop it.

Starting this script

You can start and stop this script any time you feel like with the command:

sudo ~/scripts/start_iptables.sh

If there are no errors you should see something like:

Starting IPv4 Wall…

You can also check to see by listing all of your iptables chains with the command:

sudo iptables -L

Stopping the firewall is done with the command:

sudo ~/scripts/stop_iptables.sh

Start at bootup

Now let’s make it such that the firewall script starts upon boot of the server (should the need arise).  Open up the /etc/rc.local file and add the line:

/PATH/TO/scripts/start_iptables.sh

before the “exit 0″ line.

Where /PATH/TO/ is the explicit path to the ~/scripts directory (you can’t use “~/” in rc.local).

The script will now start at boot.

Final thoughts

This easy to install firewall will add a level of saftey to your web/mail server that would be hard to come by with a GUI tool. And if you are using a headless (console only) server, it’s the only way to go.

Now with the Linux operating system you have a lot of choices for protection. But one of the easiest to use is Firestarter. Firestarter is one of the easiest-to-use firewalls I have used. And with this simplicity does not come a sacrifice to security. Just because it’s easy does not mean it lacks protection. Firestarter is powerful and has a ton of features. In this article you will learn how to install Firestarter and set up a basic desktop firewall.

Feature highlights

Firestarter includes such features as:

• Setup wizard.
• Real time event viewer.
• Easy port forwarding.
• ICMP parameter tuning.
• Advanced kernel tuning.
• Suitable for desktops, servers, and gateways.

and much, much more.

Installation

The installation of Firestarter is simple. Because it will most likely be found in your distributions’ repositories you will only need to follow these steps for installation:

1. Open up your Add/Remove Software tool.
2. Search for “firestarter” (no quotes).
3. Select Firestarter for installation.
4. Click Apply.
5. Enter your user password.
6. Wait for the installation to complete.
7. Close your Add/Remove Software utility.

Running Firestarter

Figure 1

You will find the Firestarter executable located in the Administration sub-menu of the System menu (in GNOME). When you first run Firestarter the wizard will open up. The first screen is the usual Welcome screen so you can just click the Forward button. The first screen you will have to do any configuration with is the Network Device Setup (see Figure 1). In this screen you need to set which interface Firestarter is to listen to. I am using a laptop so I will select my wireless device.

Figure 2

The next screen (see Figure 2) asks if you need to use internet connection sharing to set your machine up as a gateway. If you do you will need to first click the check box to enable it and then select an interface for the other machines to connect to. If you need to use your machine as a DHCP server you will have to have that installed outside of Firestarter.

Once you have taken care of connection sharing (if it is needed) click the Forward button and you’re done. The last screen wants to know if you want to start the firewall immediately and has you save your configuration.

Figure 3

While Firestarter is running you will see a small icon in your notification area that looks like a blue circle with a right-pointing triangle. If you click on that it will open up the Firestarter main window (see Figure 3). From this window you can Stop the firewall, lock the firewall, view the events log, edit both your inbound and outbound policies, and monitor active connections.

In order to monitor active connections expand the Active Connections listing which will list every connection made to and from your machine. In both the Active connections section and the Events tab you can right click an entry and take action. For instance, in the Active Connections section you can right click an entry and look up the hostname of that entry. In the Events tab you can do more. If you right click an entry in the Events tab you can do the following:

• Allow connections from source.
• Allow inbound service for everyone.
• Allow inbound service for source.
• Disable events from source.
• Disable events on port.
• Lookup hostnames.

Finally, in the Policy tab, you can right click any blank area and add a rule that will apply to a connection from a host or to a port/service. When you go to add a rule you will only need enter the IP address (or domain) and then add a comment.

Final thoughts

Firestarter makes the often daunting task of creating a firewall for a Linux machine simple. If you have ever dealt with iptables you will understand when I say this is a huge relief for desktop users who do not want to take the time to learn to use the underlying technology.

As you would expect, with the help of Webmin, creating a firewall is very simple. And the default Webmin installation comes complete with a firewall module built in, so there is nothing to install (once you have Webmin installed.) All you have to do is point your browser to http://IP_OR_DOMAIN:1000 (Where IP_OR_DOMAIN is the actual IP address or domain hosting your Webmin installation.) If Webmin is installed on your desktop you can point your browser to http://localhost:10000.

Webmin Firewall

Once you are in the Webmin window you will want to click on the Servers link and then click on the Linux Firewall link. The image to the left is the top portion of the configuration screen. This image is showing a default iptables chain that is installed by default in Fedora. As you can see these chain rules are easily modified, moved, appended, and removed.

The Add Rule Window

I want to illustrate how easy it is to add a new rule to the already existing chain. Let’s say you want to add a rule that denies all incoming connections to port 110 (pop3) to your machine. To do this click on the Add Rule button to reveal the Add Rule window (see image to the right.)

The primary configurations to take for this would be:

• Rule Comment: Give the rule a name.
• Action to take: Drop
• Source Address: Any
• Destination Address: 192.168.1. (This will depend upon your needs. If you have a static IP address for the machine enter that.
• Destination Port: 110

Once you have filled this out, click Create Rule and you will be returned to the main window with your rule listed.

Final Steps

Once you have your new rule(s) created you have to scroll down and click the Apply Configuration button (see the image to the left). You will also notice, near the bottom, buttons that allow you to enable your firewall at boot, reset your firewall, and reset to the currently active firewall.

Once you have applied your configuration, if you want to remove a rule you just created you have to go back to the rule list, select the rule you want to delete, and click the Delete Selected button.

It is also important to make sure you have your rules set up in the right order. It is very easy to arrange your rules with the Webmin Firewall Module. Go to the rule listing and click either the up or down arrow the corresponds to the rule you want to move, The rule is then moved one slot up or down (depending upon which arrow you click). But don’t forget to click the Apply Configuration or your move will not stick.

Final Thoughts

If you are looking for a very simple, web-based, solution for creating a firewall the Webmin firewall module might be the answer for you. Not only is it easy to use, you can administer your firewall remotely.

That was then, this is now and in the now there are graphical front ends to help you build a firewall without having to issue a single command from the command line. One of those tools is fwbuilder. The fwbuilder tool builds iptables rulesets but does so by treating each element of the individual rule as an object, a service, or a time. Objects are addresses. Services are protocols or (as the name implies) services. Time is just as it says, time (such as day of the week or a specific time.)

To start up fwbuilder you will find the menu entry in Applications | Administration (under KDE) or in System | Administration (under GNOME). When you fire up fwbuilder you might find yourself thinking “Where do I start?” The first thing to do is go to the File menu and select New Object File. You have to give your object file a name and then save it.

fwbuilder new object

Once you have done this you are ready to start building. As you can see, in the image to the left, the drop-down icon to the left of the User drop-down is what you click to insert a new object into your object file. Click that drop-down to reveal the list of all object to insert.

The first object you must insert into your object file is the Firewall. When you select that a wizard will open up asking for a name for your firewall, what software will run the firewall, and what OS the firewall will run on. I will name my firewall “Example_Firewall”, I will choose iptables from the software list, and Linux 2.4/2.6 for the OS.

Template Chooser

Now, if you want to go the really easy route you can select to insert preconfigured template for your firewall. If you select this you will have to choose your template. Once you have taken care of this information click Next.

Once you click next you will see a list of different templates available. Each template serves a different purpose. As you click on each template a full description will reveal itself in the bottom pane.

After you select the proper template click the Finish button. Now fwbuilder will be open so you can view your template.

Ready To Insert Objects

The first thing you can do is expand the name of the firewall (in my example I would Example_Firewall) and select the object you want to view. Say you want to view the Policy of this firewall (remember this was created from a template so there are already rules applied). To do this click the “Policy” listed (once you expand the firewall) which will reveal the policy in all its glory.

fwbuilder policy editor

Because this is a template you can not edit the objects. This is one of those that you chose based on a specific, yet simple, need.

In the image to the right you can see the details of the policy included with the single interface firewall template.

If you want to create a custom firewall you would go through the same process but, at the point where you are defining your firewall you wouldn’t choose the Preconfigured Template. Instead you would leave that option unchecked and then, in the next window, choose to “Configure Interfaces Manually”. At this point you would add objects as needed and configure those objects to suit your needs.

Once your firewall is built you must then save the firewall, compile the firewall, and install the rules. Here’s the kicker with configuring your firewalls manually. You will need to know the MAC addresses of your interfaces. Fwbuilder has built in SNMP discovery which will help to map out the various interfaces on your network. To use that tool go to the Tool menu and select Discovery Druid. This tool should keep you from having to manually find and associate MAC addresses.

Final Thoughts

The fwbuilder tool is an outstanding means of creating firewalls for any situation. This article gave you a cursory glance at this powerful tool. Give it a try and build a firewall. Try the templates and, once you are familiar with the tool, build your very own customized firewall.

A good way to perform security tests on antivirus firewall software programs are so called leak tests. These tests simulate different kind of attacks and manipulations on a computer system without actually doing any harm to it. They usually present statistics at the end telling the user which tests the antivirus firewall software program passed and which it failed.

Comodo Leaktest is but one of the many available leak tests on the Internet. The security software is testing a total 34 different attacks and manipulations of a computer system running the Microsoft Windows operating system. Depending on the antivirus and firewall software in use some, all or none might spawn alerts.

The software program will display a score in the end. The maximum amount of points is 340, 10 for each test passed. Each test is explained on a local html page that gets downloaded with the software program. Those information can be used to find out why a test has not been passed. It does require some research though as the information provided are only answers to the questions what the test is doing and what the harm is if the test fails.

The leak test can be divided into different categories. It will begin with some rootkits tests followed by invasion, injection, info send, impersonation and hijacking tests.

Comodo Leak Test is a portable security software that will test an antivirus firewall software that is installed on a Windows operating system. It provides the means to find out if your computer system is still – partially or fully – vulnerable to common attacks encountered locally and remotely.

The url with the free offer will go live at the same time which is why it cannot be posted yet. It is likely that the following page will provide access to the download, it seems to be connected to the offer.

Users who download Zonealarm Pro will receive the software program for free including its one year subscription. The package would normally cost $39.95 for a year. The Zonealarm Pro suite contains a firewall and anti-spyware application.

The website will most likely be overrun tomorrow by thousands of users who want to grab their free copy. The best spots are probably to be among the first or download it in the second half of the day.

Whenever a application requests a connection to the Internet that is not in the list of applications that have already defined firewall rulesets Vista Firewall Control asks the user if he wants to allow or deny that connection.

That’s a known feature from many desktop firewalls. The options are to configure the application to disable or enable all connections or to allow only incoming or outgoing connections.

The list of applications that already have a ruleset can be displayed and edited or deleted if necessary. The free version of Vista Firewall Control does have several limitations and it would probably be better to download and install a third party Firewall like Comodo instead.

Ratings range from Excellent to Unacceptable with Comodo Firewall receiving the only Excellent rating. Comodo on the other hand seems to be the company that created the Test My PC Security website. I don’t think that they are cheating openly about the results but it could be that they designed the tests that way that their firewall would do very well. Now, I’m not an expert on the topic and it just seems a little bit strange, that is all I have to say.

The Steganos Security Suite 2007 combines many tools in one suite and it’s aim is protect your data from hackers and thieves both online and offline. Six of its nine applications are based on encryption, like the email encryption or password manager. Two of the remaining three clean and delete data permanently from the system and one is an anti-theft protection that can be helpful if your computer gets stolen and the thief does go online without wiping the hard drive of the computer first.

Now, here is how you get your free serial number. Go to the following url and enter an email address in the form field. The serial number for the product will be send to it. Now visit My Steganos and create an account for the website. I did use the same email address. They send an verification email again and you have to click on the link contained within to activate the account.

Visit the downloads section of the Steganos website and pick the Steganos Security Suite 2007 from the list of products. You have to enter the serial number after installation to use the product.

Step by Step guide:

• Get your serial number send to your mail account by visiting this page.
• Register an account at the Steganos website
• Confirm the account by opening the link in the email that is send to your account
• Login to the downloads section and download the Steganos Security Suite 2007
• Enter the serial number after installation.

I’m not a huge fan of software firewalls as you can tell from my previous posts on the subject. Still, if you rely on it and use it you might find this information useful. There are basically two methods of reseting the Windows Firewall.

My favorite one is by using the command line and the command netsh firewall reset which is all you need. The firewall will be reset which makes sure that any malicious changes to it are gone. All of your rules and changes are gone as well but that is the price you have to pay.

The second possibility would be to open the control panel, click on the Windows Firewall icon, there on the Advanced tab and finally on the Restore Defaults button.