<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>3. Securing your Internet Access via DrakFirewall - TRANSLATE ME</title>
<link rel="stylesheet" href="images/mdk-doc.css" type="text/css">
<meta name="generator" content="DocBook XSL Stylesheets V1.73.2">
<meta name="keywords" content="Mandriva Linux, drakxtools">
<link rel="start" href="index.html" title="Mandriva Linux 2008 Spring">
<link rel="up" href="mcc-security.html" title="Capítulo 8. Seção de “Segurança”">
<link rel="prev" href="drakperm.html" title="2. Controlando Permissões de Arquivos com o DrakPerm">
<link rel="next" href="drakinvictus.html" title="4. Redundância de Interface de Rede e Firewall">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr>
<th colspan="3" align="center">3. Securing your Internet
Access via DrakFirewall - TRANSLATE ME
</th>
</tr>
<tr>
<td width="20%" align="left"><a accesskey="p" href="drakperm.html">Anterior</a>
</td>
<th width="60%" align="center">Capítulo 8. Seção de “<span class="quote">Segurança</span>”
</th>
<td width="20%" align="right"> <a accesskey="n" href="drakinvictus.html">Próxima</a></td>
</tr>
</table>
<hr>
</div>
<div class="section" lang="pt-BR">
<div class="titlepage">
<div>
<div>
<h2 class="title" style="clear: both"><a name="tinyfirewall"></a>3. Securing your Internet
Access via DrakFirewall - TRANSLATE ME
</h2>
</div>
</div>
</div>
<p><a name="BId-tinyfirewall-pa1"></a><a class="indexterm" name="BId-tinyfirewall-it1"></a> <span class="inlinemediaobject"><img src="images/tinyfirewall-icon.png"></span>This little tool allows you to set up a basic firewall
on your machine. It filters connection attempts made from the outside, and
blocks unauthorized ones. It's a good idea to run it before
connecting to the Internet, therefore minimizing the risks of your machine
being compromised.
</p>
<p><a name="BIdNEW-tinyfirewall-pa5"></a>This Wizard consists of
the steps detailed below.
</p>
<div class="section" lang="pt-BR">
<div class="titlepage">
<div>
<div>
<h3 class="title"><a name="d5e5210"></a>3.1. Choosing Services to be
Available from Outside
</h3>
</div>
</div>
</div>
<div class="figure"><a name="tinyfirewall-main"></a><p class="title"><b>Figura 8.6. The DrakFirewall
Window</b></p>
<div class="figure-contents">
<div class="mediaobject" align="center"><img src="images/tinyfirewall-main.png" align="middle" alt="The DrakFirewall Window"></div>
</div>
</div><br class="figure-break">
<p>
<b>Open Up Ports, If
Needed. </b>
If checked, uncheck the
<span class="guilabel">Everything (no firewall)</span> box, and then check the
boxes corresponding to the services you wish to make available to the
outside world. If you wish to authorize a service which isn't listed
here, click on <span class="guilabel">Advanced</span> to manually enter the port
numbers to open and to control the logging of firewall messages.
</p>
<div class="tip" style="margin-left: 0.5in; margin-right: 0.5in;">
<table border="0" summary="Tip: Opening Unusual
 Services">
<tr>
<td rowspan="2" align="center" valign="top" width="25"><img alt="[Dica]" src="images/tip.png"></td>
<th align="left">Opening Unusual
Services
</th>
</tr>
<tr>
<td align="left" valign="top">
<p><a name="BId-tinyfirewall-pa3b"></a>Clicking on
<span class="guilabel">Advanced</span> opens a field named <span class="guilabel">Other
ports</span> where you can enter any port to be opened to the
outside world. Examples of port specifications are presented just above
the input field: use them as a guide. It's possible to specify port
ranges by using the <code class="literal">:</code> syntax such as
<code class="literal">24300:24350/udp</code>.
</p>
</td>
</tr>
</table>
</div>
<p>
<b>This Won't Block You from
Accessing the Net. </b>
Not checking a service in
this list won't stop you from connecting <span class="emphasis"><em>to</em></span> the
Internet. It will only prevent people <span class="emphasis"><em>from</em></span> the
Internet connecting to that service on your machine. If you don't plan
on hosting any services on your machine (common case for a desktop
machine) just leave all boxes unchecked.
</p>
<p>
<b>How to Disable the
Firewall. </b>
On the other hand if you
wish to disable the firewall and leave all services accessible from the
outside, check <span class="guilabel">Everything (no firewall)</span>, but please
bear in mind that this is <span class="emphasis"><em>very insecure</em></span>, and
therefore not recommended.
</p>
</div>
<div class="section" lang="pt-BR">
<div class="titlepage">
<div>
<div>
<h3 class="title"><a name="d5e5251"></a>3.2. Activating Interactive Firewall
Feature
</h3>
</div>
</div>
</div>
<div class="figure"><a name="tinyfirewall-ifw-interface"></a><p class="title"><b>Figura 8.7. Interactive
Firewall Options</b></p>
<div class="figure-contents">
<div class="mediaobject" align="center"><img src="images/tinyfirewall-ifw-interface.png" align="middle" alt="Interactive Firewall Options"></div>
</div>
</div><br class="figure-break">
<p>
<b>Stay Informed of Connections
on your Machine. </b>
<span class="inlinemediaobject"><img src="images/drakconnect-connected-icon.png"></span>The interactive firewall can warn you of
connection attempts on your machine by displaying alert popups through
the network applet. Check the <span class="guilabel">Use Interactive
Firewall</span> option to activate this feature.
</p>
<div class="variablelist">
<dl>
<dt><span class="term"><a name="BIdNEW-tinyfirewall-te1"></a><span class="guilabel">Port scan
detection</span></span></dt>
<dd>
<p><a name="BIdNEW-tinyfirewall-pa7"></a>Activate this option to be
warned of malicious attempts to access your machine.
</p>
</dd>
<dt><span class="term"><a name="BIdNEW-tinyfirewall-te2"></a>Other entries corresponding to
open ports</span></dt>
<dd>
<p><a name="BIdNEW-tinyfirewall-pa8"></a>Next you are shown a checkbox
for each port you have chosen to open during the previous step.
Activating them will popup a warning each time a connection attempt
is made on those ports.
</p>
</dd>
</dl>
</div>
</div>
<div class="section" lang="pt-BR">
<div class="titlepage">
<div>
<div>
<h3 class="title"><a name="d5e5281"></a>3.3. Which Interface(s) to
Protect
</h3>
</div>
</div>
</div>
<p><a name="BIdNEW-tinyfirewall-pa3"></a>The next step consists
of selecting the network interface connected to the Internet.
</p>
<div class="figure"><a name="tinyfirewall-interface"></a><p class="title"><b>Figura 8.8. The Internet Interface</b></p>
<div class="figure-contents">
<div class="mediaobject" align="center"><img src="images/tinyfirewall-interface.png" align="middle" alt="The Internet Interface"></div>
</div>
</div><br class="figure-break">
<p><a name="BIdNEW-tinyfirewall-pa4"></a>If you don't know
which interfaces you have connected for the Internet, you can check the
system network configuration (see <a class="xref" href="internet-connection.html#drakconnect-manage" title="1.2. Centro de Rede: Reconfigurando e Monitorando Interfaces de Rede">Seção 1.2, “Centro de
Rede: Reconfigurando e Monitorando Interfaces de Rede”</a>).
You can finally click <span class="guibutton">OK</span> to install the required
packages, activate the firewall and enjoy your secure Internet
connection.
</p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left"><a accesskey="p" href="drakperm.html">Anterior</a>
</td>
<td width="20%" align="center"><a accesskey="u" href="mcc-security.html">Acima</a></td>
<td width="40%" align="right"> <a accesskey="n" href="drakinvictus.html">Próxima</a></td>
</tr>
<tr>
<td width="40%" align="left" valign="top">2. Controlando Permissões de Arquivos com o
DrakPerm
</td>
<td width="20%" align="center"><a accesskey="h" href="index.html">Principal</a></td>
<td width="40%" align="right" valign="top"> 4. Redundância de Interface de Rede e Firewall</td>
</tr>
</table>
</div>
</body>
</html>
