Firestarter – A modern Linux Firewall


Photo by UkaszSie

Firewalls: You can never escape them!

The Firestarter team says:

Linux security does not have to be complex, and simplicity does not have to mean sacrificing power.

Irrespective of the operating system, intrusion is one of the key concerns for computers connected to a network. Black hats and white hats have always had a tug-of-war over intrusion detection techniques. Firewalls provide resistance to intrusion, though not foolproof protection. A firewall may be a hardware device or a software program that filters traffic passing between an outside network and your private network or workstation. A firewall is neither the best nor the only way to stay secure on a network, but it acts as the first layer of cover against most network-based attacks.

While hunting for a firewall application to safeguard my Linux installation, I came across a good firewall for Linux named Firestarter. It has an intuitive graphical interface that lets you configure the Linux firewall through the built-in iptables/ipchains utilities.

Firestarter is a powerful and user-friendly firewall, useful for both Linux desktop users and system administrators. We shall walk through the installation and configuration of Firestarter on your Linux machine to help shield your data.

To install from a terminal, fire up the Run pop-up and type:

$ sudo apt-get install firestarter

If things go fine, you'll have Firestarter installed in a few keystrokes. You can do the same using any of the alternative ways to install an application, discussed previously in one of my articles.

Setting up Firestarter

Go to System > Administrator > Firestarter (for Ubuntu)

When you run Firestarter for the very first time, it lets you set up your initial configuration. The initial steps consist of detecting the network devices and selecting one. You also get the option of enabling dial-out for modem users and one for IP addresses assigned via DHCP.

Do check your router's settings if you are using DHCP to assign local addresses. After checking all the options according to your needs, click Forward; you'll be asked about Internet connection sharing. Enable it if your system is on a network. Select the device type (hub/switch). Save your settings.

Get back to the main application window, which consists of three tabs: Status, Events and Policy. The Status indicator shows whether Firestarter is active, disabled or locked. Events shows the list of attempted connections that it has blocked. Pay attention to the entries listed in red. You can view the rules for your firewall in the Policy window. It also allows you to create your own policies, including options to enable or disable inbound/outbound traffic. These rules can be applied to hosts and ports.

There are primarily 3 inbound policy groups:

  1. Allow connections from host: allows traffic from a host that the user has predefined as a trusted source.
  2. Allow service: consists of two parameters, service and target. The user can enter a name manually, or Firestarter will try to determine the service name itself. The target may be: Anyone, LAN clients, or a user-specified IP, host or network.
  3. Forward service: only active if Internet Connection Sharing is enabled.

For outbound traffic there are two modes. Permissive mode lets you specify rules that limit outbound connections. Restrictive mode lets you specify which connections are allowed to communicate outbound.
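
To show what the three inbound policy groups and the two outbound modes look like at the iptables layer that Firestarter configures, here is an added example (not part of the original article, and not the rule set Firestarter itself generates). It only prints commands; the function names, the eth0 interface and the 192.168.1.x addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Dry run: prints iptables commands, changes nothing. Added illustration,
# not Firestarter's generated rule set. Addresses/interfaces are constructed.
WAN_IF="eth0"             # Internet-facing device (assumed)
LAN_NET="192.168.1.0/24"  # local network (assumed)

baseline() {  # drop unsolicited inbound, keep replies to our own connections
    echo "iptables -P INPUT DROP"
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

allow_host() {  # 1. Allow connections from host: $1 = trusted host/network
    echo "iptables -A INPUT -s $1 -j ACCEPT"
}

allow_service() {  # 2. Allow service: $1 = TCP port, $2 = anyone|lan|address
    case "$2" in
        anyone) src="" ;;
        lan)    src=" -s $LAN_NET" ;;
        *)      src=" -s $2" ;;
    esac
    echo "iptables -A INPUT -p tcp${src} --dport $1 -j ACCEPT"
}

forward_service() {  # 3. Forward service (needs NAT): $1 = port, $2 = LAN host
    echo "iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport $1 -j DNAT --to-destination $2:$1"
    echo "iptables -A FORWARD -i $WAN_IF -p tcp -d $2 --dport $1 -j ACCEPT"
}

# Outbound: permissive = allow by default, listed ports are denied;
# restrictive = deny by default, only listed ports are allowed.
outbound() {  # $1 = permissive|restrictive, rest = TCP destination ports
    mode=$1; shift
    case "$mode" in
        permissive)  policy=ACCEPT; action=DROP ;;
        restrictive) policy=DROP;   action=ACCEPT ;;
        *) echo "unknown mode: $mode" >&2; return 1 ;;
    esac
    echo "iptables -P OUTPUT $policy"
    if [ "$mode" = restrictive ]; then  # replies on accepted flows must leave
        echo "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    fi
    for port in "$@"; do
        echo "iptables -A OUTPUT -p tcp --dport $port -j $action"
    done
}

baseline; allow_host 192.168.1.20; allow_service 22 lan
forward_service 80 192.168.1.10; outbound restrictive 80 443
```

Comparing the output of `outbound permissive 25` with `outbound restrictive 80 443` shows the difference between the two modes: the default policy and the rule action swap places.
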
To explore some of the advanced features, go to Preferences.

Firestarter doesn't take up screen real estate: exiting the application minimizes it to the system tray, and its icon turns red to notify you when a suspicious connection is blocked.

ICMP is a way to send simple messages containing information or errors, and ICMP filtering controls how the firewall treats them. Options like Echo Request and Echo Reply determine how your firewall handles pings. To block incoming pings, click on Echo Reply. The Traceroute option prevents your machine from being traced via traceroute. ToS filtering lets you prioritize network traffic.

Overall, Firestarter happens to be a great firewall for most users. Do check it out!