Tuesday, December 26, 2006

FireHOL on Debian Linux.

Even do Linux is one of the more secure operating systems this is not preventing you from taken some precautions. You still will need to have a proper firewall to make sure your workstation is not misused in any way. Personally I use on the inside of my network on every Linux workstation FireHOL to create an extra layer of security. This is on top of, or below if you prefer, my 2 external firewalls.

From Wikipedia, the free encyclopedia:
FireHOL is a firewall application designed to work with a lower level firewall utility for the linux kernel, iptables. FireHOL does not use a GUI, but is configured through an easy to understand plain text configuration file. An further advantage of FireHOL is its friendliness to beginners - you don't have to worry about the answer packet because FireHOL first parses the configuration file and then sets the appropriate iptables rules to achieve the expected firewall behavior.


Installation of FireHOL on Debian Linux is quite simple. It can completely be installed by using the apt-get command. More information on the current state of the Debian FireHOL package can be found in on the FireHOL package website.

#apt-get install Firehol

This will take care of the download, installing and basic config of firehol. Please do remember that firehol is disabled by default upon installation. To change this you will need to edit the /etc/default/firehol file.

Change the line: START_FIREHOL=NO
To this: START_FIREHOL=YES

Also you will need to modify the /etc/firehol/firehol.conf file. Here all the configuration parameters for FireHOL are maintained. For more information about how to configure and the complete list of options you can refer to the FireHOL website

For starting FireHOL after the installation and configuration will need to issue the following command: /etc/init.d/firehol start


No comments: