- Linux news and help for home broadband internet users
 Home | Files | Case Mods | Reviews | Forum | Search | Links | RDF | Contact | Uptime | Server Info | Tracker

Installation Guide
Setting Up
Internet Sharing
Port Forwarding
Services Config
Installing Programs
Game Servers
Using IPTables
Useful Commands
Kernel Upgrading
System Recovery
Red Hat 7.2 Setup
OpenBSD Setup
BPA Login Setup
PPPoE Setup
Add New Hardware
VMware ESX Cmds
Our RC5 Team
Help Support Us

Linux Security
NetStats FAQ
Linux KIS Trojan
CAT5/LAN Cables
Domain Names
Presario RH Install APC Debian DVD
  • Google Demos Soda-Fetching Robots
  • Windows 11's Next Big Update Arrives Next Month With Start Menu Folders, New Gestures
  • American Airlines Agrees To Buy 20 Supersonic Planes from Boom
  • Idaho Company Sues FTC, Claiming Agency Threatened Suit Over Its Tracking Data
  • Amazon Accuses FTC of Harassing Bezos in 'Burdensome' Probe
  • Losses From Crypto Hacks Surged 60% To $1.9 Billion From January To July, Chainalysis Says
  • Apple Lays Off Recruiters as Part of Its Slowdown in Hiring
  • Oracle Begins Auditing TikTok's Algorithms
  • VLC-Developer VideoLan Says India Blocking Site Endangers Its Own Citizens
  • 1,900 Signal Users' Phone Numbers Exposed By Twilio Phishing
  • Earth Had Its 6th-Hottest July and Year To Date On Record
  • Russia Unveils Model of Proposed Space Station After Leaving ISS
  • Intel Drops DirectX 9 Support On Xe, Arc GPUs, Switches To DirectX 12 Emulation
  • An Eye Implant Engineered From Proteins In Pigskin Restored Sight In 14 Blind People
  • WeWork's Former CEO Has a New Startup, Reportedly Valued At More Than $1 Billion

      Securing You Machine

      Due to a few requests we have compiled this page to help you better secure your Linux box from those devious 'hackers' and general 'attackers' that may pray upon you. Since this site deals with setting up Linux for broadband Internet there is always the risk of people trying to gain access to your machine since it is on 24/7, this guide is meant to be a starting point for making your server more secure and in the attempt to prevent the above mention people from causing problems for you.

      Security Guide cont'd.


    Protecting Your Ports
    This is a one of the best ways of securing your machine, if you prevent certain ports from being accessible from people outside your private network (LAN) then there is less chance that they will be able to gain access or cause problems (i.e. via flooding or DoS attacks etc.). To prevent ports from being visible to the outside world you will need to modify your firewall or even better yet you can download an secure firewall script and then modify it to allow the things you want to allow.

    In the previous Setup and Sharing section of this site we described a very simple method of firewalling, this was just using the default action of DENY, although this is good, its not the best, you can do better.

    There are many comprehensive firewall scripts available on the net that can be freely downloaded, we will only talk about a couple here:


    "rcf (aka rc.firewall) is an ipchains-based firewall with support for over 50 network services (including vtun, dhcp, nfs, smb, napster, proxies, online games, etc.), masquerading, port forwarding, and ip accounting. All services are self-contained modules which can be prioritized in the ipchains stack. Protections include spoofing, stuffed routing/masqerading, DoS, smurf attacks, outgoing port scans, and many more. rcf also supports unlimited public, private (masqu'ed), dmz, and mz (non-masq'ed) interface and their subnets. Access rules are defined per interface and dmz/mz server "clusters". rcf is compatible with Red Hat, Slackware, Debian, Linux Router Project (LRP), and many other distros. rcf is distributed under the General Public License (GPL) terms."

    As with most Linux things rc.firewall comes in both a tarball version (rcf-5.1.tar.gz) and a rpm version (rcf-5.1-1.noarch.rpm) for those of you with Red Hat and any distro that supports RPM technology.

    Below is the instructions for installing the tarball version, to install the rpm just type rpm-ivh rcf-5.1-1.noarch.rpm and then you can configure it as below.

    1. Untar the package by typing tar xzvf rcf-5.1.tar.gz.
    2. Next, cd into the directory it creates, e.g. cd rcf-5.1/.
    3. Read the INSTALL file provided. i.e. cat INSTALL | more.
    4. Run sh and follow the prompts, or follow the manual instructions from the INSTALL file.
    5. Edit the appropriate files and start the script. (please read the rc.firewall site mentioned above for details)


    "PMFirewall is an Ipchains Firewall and Masquerading Configuration Utility for Linux. It was designed to allow a beginner to build a custom firewall with little or no ipchains experience."

    This firewall only comes in a tarball version (pmfirewall-1.1.4.tar.gz) and should support just about any version of Linux according to their site.

    1. Untar the package by typing tar xzvf pmfirewall-1.1.4.tar.gz.
    2. Next, cd into the directory it creates, e.g. cd pmfirewall-1.1.4/.
    3. Read the README and INSTALL files provided. i.e. cat README | more, cat INSTALL | more.
    4. Run sh and follow the prompts.
    5. Add you own rules to pmfirewall.rules.local.
    6. Start pmfirewall using the path given by the install script.
    7. Read the man page.
    8. If you wish to see the rules, type: ipchains -L -n
    9. If you have a problem then read the supplied man page. Otherwise e-mail the creator Rick Johnson.

    Firestarter Firewall

    For those of you who want a GUI based firewall then this is definately your choice, its easy to install and can be setup by following the simple steps in the GUI.

    "It features an easy to use firewall wizard to quickly create a firewall. Using the program you can then open and close ports with a few clicks, or stealth your machine giving access only to a select few. The real-time hit monitor shows attackers probing your machine. Firestarter is made for the GNOME desktop."

    You can download the program in either a RPM (firestarter-0.7.1-1.i386.rpm) version or a tarball (firestarter-0.7.1.tar.gz), just use the usual methods to extract them. Firestarte requires GNOME 1.2 or later and IPChains for 2.2.x machines and Netfilter for 2.4.x ones.

    Below is just a quick screenshot of Firestarter in action:

    Stick's Firewall

    This custom firewall by Dave Fitches comes in both a IPchains and IPtables (for 2.4.x kernels) version, these are definitely worth a visit if you want to write your own or just get a nice simple to understand and powerful firewall script.

    In order to use these scripts all you must do is go to the above mentioned pages and copy the test and paste it into a document on your Linux machine, e.g. for the IPchains version just copy the text and open pico filewall.ipchains and past the script into that. You will then need to chmod +x firewall.ipchains, now you can run it, or modify it as you need. Please visit his site for detailed information and setup instructions.

    Final notes and conclusion... CONTINUE

    Proudly Hosted By:
    Hosted by PEBKAC Consulting

    Please read our Legal Notice for information concerning our site and its content.
    All logos and trademarks in this site are property of their respective owner. All the rest © 2000 - 2016 by


    D-Link DI-704P
    VIA EPIA-M 9000
    Tux Applique
    Ricoh MP5125A
    AMD XP 2600+
    3DProphet 9000Pro
    Radeon 9700 Pro
    XTNDAccess IrDA
    Netgear FS-524s
    DSR2161 KVM
    Game TheaterXP & XPS-510 Speakers
    3D Prophet 4000XT
    AutoView 400
    Back-UPS CS 350
    Dual Neon Kit
    SwitchView KVM
    20x4 LCD Kit
    Window Kit

    XML error: Attribute without value at line 2.
    Google Search
    Enter Keywords:

    Bash Jokes

    % ar m God

    ar: God does not exist

    Virtualization, Virtual Machine & Virtual Server Consolidation - VMware

    The Community ENTerprise Operating System

    Get Slackware Linux


    Use Asterisk