|
 Author | Topic: SOLVED-Firestarter (Read 480 times) |
debby
Full Member
member is offline
Joined: Nov 2011
Gender: Male 
Posts: 124
|  | SOLVED-Firestarter
« Thread Started on Dec 4, 2011, 2:42pm » | |
I installed firestarter the firewall. It asks for keyring to start. Ok, so I added it to the Session & Startup and then at reboot it says I need root privileges and fails to run. I tried su and then tried opening the xfce4 sessions settings editor stuff in thunar but I can't get it to open under root. What am I doing wrong? I just want it to run at boot is all.
Thanks for any help
OR, please point me to a fw that a total newb can use and has the ability to startup at boot (the gui) without having to read ten pages of an ubuntu forum.
OK I read this page below (post#40) and got it working but the poster says it's insecure. ??
http://ubuntuforums.org/showthread.php?t=542756&highlight=firestarter&page=4
Gist:
Open sessions and startup and add the line below as a startup item;
sudo firestarter --start-hidden
* Press "OK"
How to have Firestarter start without the root password
Note: THIS IS NOT SECURE !!
edit sudoers as root
• At the very bottom of the file add this line:
USERNAME ALL= NOPASSWD: /usr/sbin/firestarter
• Then use the instructions from the 1st page of the above link
---reboot
| |
|
beardedragon
Global Moderator
member is offline
![[avatar]](http://smile-media-production-1.s3.amazonaws.com/images/83a50d70550b01307b5322000afe0a5a/168x168.jpg "[avatar]")
Joined: Feb 2011
Gender: Male
Posts: 857
| | Re: SOLVED-Firestarter
« Reply #1 on Dec 4, 2011, 10:07pm » | |
I did find this note for security:
A note on the security aspects: This method makes a trade off in local security for convenience. If your user account becomes compromised the attacker will be able to control the firewall. However this method is preferable to having a shared root user password in a multiuser setting. It is also preferable if the alternative is not to run Firestarter at all.
|
Robert Collard, Madison, WI
HP s5710f, 2x AMD Athlon II 260@3.2Ghz 3GB RAM, 640GB HD
Debian 7.0 XFCE-4.10 3.2.0-4-amd64
If you are satisfied with the results, please Edit your first post and add [Solved] to the Subject line. |
|
Anthony Nordquist
Administrator
member is offline
![[homepage]](http://images.proboards.com/new/buttons/www_sm.png "[homepage]")
Joined: Dec 2010
Gender: Male
Posts: 1,336
| | Re: SOLVED-Firestarter
« Reply #2 on Dec 5, 2011, 12:14am » | |
Well, running the GUI at boot can't really be done without having it ask for the root password or using the setup you went with. But, you can go into the Firestarter settings and have it activate on dial out, this will enable the firewall anytime you are connected to the internet. To change settings or view the logs you will have to open the GUI manually though.
| |
|
debby
Full Member
member is offline
Joined: Nov 2011
Gender: Male
Posts: 124
| | Re: SOLVED-Firestarter
« Reply #3 on Dec 6, 2011, 10:44pm » | |
I don't know what's happening but yesterday it worked fine while browsing and torrenting and today I had to remove it so that I could browse at all. I'm going to have to play with it some more when I get around to it. Thanks for the replies. I was hoping for a gui that would let me choose which aps were allowed to connect but iptables doesn't work that way-lol. Do you guys use an iptables gui or even mess with the iptables? Clueless in cali.
| |
|
Anthony Nordquist
Administrator
member is offline
Joined: Dec 2010
Gender: Male
Posts: 1,336
| | Re: SOLVED-Firestarter
« Reply #4 on Dec 10, 2011, 12:16am » | |
You can in fact allow a certain service under the Policy tab in the Firestarter GUI, click in the giant white area underneath Allow service | Port | For and then click the blue + sign in the upper left. It even has presets for things like Bittorrent.
| |
|
mihail
Full Member
member is offline
Joined: Dec 2011
Gender: Male
Posts: 120
Location: Romania
| | Re: SOLVED-Firestarter
« Reply #5 on Dec 10, 2011, 12:58pm » | |
hello guys!
how safe is a linux machine without a firewall? is it a must to have one to improve security?
which one to you recommand, one that makes all the monitoring by itself without being interactive and poping up 
|
|
|
casey972oo
Elder Member
member is offline
![[avatar]](http://images.proboards.com/avatars/redcreature.gif "[avatar]")
GNU/Linux
Joined: Apr 2011
Gender: Male
Posts: 641
Location: Martinique
| | Re: SOLVED-Firestarter
« Reply #6 on Dec 10, 2011, 1:51pm » | |
Dec 10, 2011, 12:58pm, mihail wrote:hello guys!
how safe is a linux machine without a firewall? is it a must to have one to improve security?
which one to you recommand, one that makes all the monitoring by itself without being interactive and poping up |
|
.
Yeah ! ... ' milhail ' ... LINUX ... is not ' Windows ' ! ...
there is a ' Firewall ' ... and a ' Anti-Virus-Program ' ... is called ' clamav ' ! ...
you will find this with ' synaptics-package-manager ' ...
I myself have it installed ! ... but never used it ! ... never needed it ! ...
and there is also a program .. called ... ' bastille ' ... for harden your system ! ...
I realy don't know ... never had any problems with virus on LINUX ! ...
even when this is possible ... theorethical ...
in the practical .. you can just forget about it ! ...
and there is a ... ' Recovery-CD ' ... or .. ' Rescue-CD ' ... from ... ' Avira AntiVir ' ...
on LINUX ! ... from ... ' Peter Anvin ' ! ...
this is workin ... on LINUX ... and on .. ' Windows ' ! ... self-bootin-CD ! ...
if you have some more Questions about this ...
just ask ! ... here in this forum ... we will find an answer ! ...
casey972oo
.
|
casey972oo .. on ' Packard Bell Butterfly ' ! ... ' Intel Pentium SU41oo ' ... with ' SalineOS 1.5 ' ... entire disk ! ... |
|
mihail
Full Member
member is offline
Joined: Dec 2011
Gender: Male
Posts: 120
Location: Romania
| | Re: SOLVED-Firestarter
« Reply #7 on Dec 10, 2011, 2:02pm » | |
thanks, Casey, however the case was about the firewall, not viruses.
clam av worked best for me in winjunk.
so are you refering to the iptables included by default? in the post above? or what?
|
|
|
casey972oo
Elder Member
member is offline
GNU/Linux
Joined: Apr 2011
Gender: Male
Posts: 641
Location: Martinique
| | Re: SOLVED-Firestarter
« Reply #8 on Dec 10, 2011, 2:11pm » | |
Dec 10, 2011, 2:02pm, mihail wrote:thanks, Casey, however the case was about the firewall, not viruses.
clam av worked best for me in winjunk.
so are you refering to the iptables included by default? in the post above? or what? |
|
.
I just did .. ' quote ' .. your post ! ...
casey972oo
.
|
casey972oo .. on ' Packard Bell Butterfly ' ! ... ' Intel Pentium SU41oo ' ... with ' SalineOS 1.5 ' ... entire disk ! ... |
|
62chevy
Senior Member
member is offline
![[avatar]](http://img541.imageshack.us/img541/451/hrdp0704patinachevrolet.jpg "[avatar]")
Hard Core!
Joined: Jan 2011
Gender: Male
Posts: 412
Location: West Virginia, USA
| | Re: SOLVED-Firestarter
« Reply #9 on Dec 10, 2011, 6:00pm » | |
Dec 10, 2011, 2:02pm, mihail wrote:thanks, Casey, however the case was about the firewall, not viruses.
clam av worked best for me in winjunk.
so are you refering to the iptables included by default? in the post above? or what? |
|
Maybe I can answer your question for you. Linux has very few virus mostly on servers. Enough about that what you want to know is can someone use your computer with Linux running and the answer is yes. And it comes in degrees or some is harmless for the most part to out right control of it.
The reason I installed a firewall is because my cable modem never stopped blinking. I thought this was strange so I installed some sniffers and found that a lot of companies were sending requests for info to my computer. By installing a firewall (shorewall) stopped this activity i.e. the firewall DROPPED ALL net2fw net2loc requests and my modem is now silent when not in use by me or my wife.
Hope this helped.
|
Debian 6.0.3 Gnome2
Debian - Sid Caution DE may change on a whim.
SalineOS 1.5
|
|
mihail
Full Member
member is offline
Joined: Dec 2011
Gender: Male
Posts: 120
Location: Romania
| | Re: SOLVED-Firestarter
« Reply #10 on Dec 11, 2011, 1:44am » | |
It did, 62chevy same here...
so, shorewall you say... hmm, I think I'll give it a go. Thanks.
|
|
|
debby
Full Member
member is offline
Joined: Nov 2011
Gender: Male
Posts: 124
| | Re: SOLVED-Firestarter
« Reply #11 on Dec 11, 2011, 11:29am » | |
I messed with firestarter some more and have it somewhat figured out. I installed shorewall but it's initial configuration under a single ip is daunting atm. I'll have to read some more and try and figure it out. It's quick start guide is anything but.
| |
|
debby
Full Member
member is offline
Joined: Nov 2011
Gender: Male
Posts: 124
| | Re: SOLVED-Firestarter
« Reply #12 on Feb 4, 2012, 1:17pm » | |
I should have added that besides the steps in my 1st post you must edit your firestarter.sh file in /etc/ firestarter and comment out 4 lines like so:
#if [ "$MASK" = "" -a "$1" != "stop" ]; then
# echo "External network device $IF is not ready. Aborting.."
# exit 2
#fi
Weird, but firestarter was working perfectly in 1.5 without the gui at all and now in 1.6 I kept seeing "failure" at both boot & shutdown. It's possible that the above step is all I need even though
# sudo iptables -nL
gave no error. At least I have no more failure messages.
| |
|
|
![[Home]](http://images.proboards.com/new/menu/home.png "[Home]")
![[New Topics]](http://images.proboards.com/menu/topics.png "[New Topics]")
![[Help]](http://images.proboards.com/new/menu/help.png "[Help]")
![[Search]](http://images.proboards.com/new/menu/search.png "[Search]")
![[Login]](http://images.proboards.com/new/menu/login.png "[Login]")
![[Register]](http://images.proboards.com/new/menu/register.png "[Register]")
![[Search This Thread]](http://images.proboards.com/new/buttons/search2.png "[Search This Thread]")
![[Share Topic]](http://images.proboards.com/new/buttons/share.png "[Share Topic]")
![[Print]](http://images.proboards.com/new/buttons/print.png "[Print]")
Logged