<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>3. Securing your Internet Access via DrakFirewall - TRANSLATE ME</title> <link rel="stylesheet" href="images/mdk-doc.css" type="text/css"> <meta name="generator" content="DocBook XSL Stylesheets V1.73.2"> <meta name="keywords" content="Mandriva Linux, drakxtools"> <link rel="start" href="index.html" title="Mandriva Linux 2008 Spring"> <link rel="up" href="mcc-security.html" title="Capítulo 8. Seção de “Segurança”"> <link rel="prev" href="drakperm.html" title="2. Controlando Permissões de Arquivos com o DrakPerm"> <link rel="next" href="drakinvictus.html" title="4. Redundância de Interface de Rede e Firewall"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> <div class="navheader"> <table width="100%" summary="Navigation header"> <tr> <th colspan="3" align="center">3. Securing your Internet Access via DrakFirewall - TRANSLATE ME </th> </tr> <tr> <td width="20%" align="left"><a accesskey="p" href="drakperm.html">Anterior</a> </td> <th width="60%" align="center">Capítulo 8. Seção de “<span class="quote">Segurança</span>” </th> <td width="20%" align="right"> <a accesskey="n" href="drakinvictus.html">Próxima</a></td> </tr> </table> <hr> </div> <div class="section" lang="pt-BR"> <div class="titlepage"> <div> <div> <h2 class="title" style="clear: both"><a name="tinyfirewall"></a>3. Securing your Internet Access via DrakFirewall - TRANSLATE ME </h2> </div> </div> </div> <p><a name="BId-tinyfirewall-pa1"></a><a class="indexterm" name="BId-tinyfirewall-it1"></a> <span class="inlinemediaobject"><img src="images/tinyfirewall-icon.png"></span>This little tool allows you to set up a basic firewall on your machine. It filters connection attempts made from the outside, and blocks unauthorized ones. It's a good idea to run it before connecting to the Internet, therefore minimizing the risks of your machine being compromised. </p> <p><a name="BIdNEW-tinyfirewall-pa5"></a>This Wizard consists of the steps detailed below. </p> <div class="section" lang="pt-BR"> <div class="titlepage"> <div> <div> <h3 class="title"><a name="d5e5210"></a>3.1. Choosing Services to be Available from Outside </h3> </div> </div> </div> <div class="figure"><a name="tinyfirewall-main"></a><p class="title"><b>Figura 8.6. The DrakFirewall Window</b></p> <div class="figure-contents"> <div class="mediaobject" align="center"><img src="images/tinyfirewall-main.png" align="middle" alt="The DrakFirewall Window"></div> </div> </div><br class="figure-break"> <p> <b>Open Up Ports, If Needed. </b> If checked, uncheck the <span class="guilabel">Everything (no firewall)</span> box, and then check the boxes corresponding to the services you wish to make available to the outside world. If you wish to authorize a service which isn't listed here, click on <span class="guilabel">Advanced</span> to manually enter the port numbers to open and to control the logging of firewall messages. </p> <div class="tip" style="margin-left: 0.5in; margin-right: 0.5in;"> <table border="0" summary="Tip: Opening Unusual
 Services"> <tr> <td rowspan="2" align="center" valign="top" width="25"><img alt="[Dica]" src="images/tip.png"></td> <th align="left">Opening Unusual Services </th> </tr> <tr> <td align="left" valign="top"> <p><a name="BId-tinyfirewall-pa3b"></a>Clicking on <span class="guilabel">Advanced</span> opens a field named <span class="guilabel">Other ports</span> where you can enter any port to be opened to the outside world. Examples of port specifications are presented just above the input field: use them as a guide. It's possible to specify port ranges by using the <code class="literal">:</code> syntax such as <code class="literal">24300:24350/udp</code>. </p> </td> </tr> </table> </div> <p> <b>This Won't Block You from Accessing the Net. </b> Not checking a service in this list won't stop you from connecting <span class="emphasis"><em>to</em></span> the Internet. It will only prevent people <span class="emphasis"><em>from</em></span> the Internet connecting to that service on your machine. If you don't plan on hosting any services on your machine (common case for a desktop machine) just leave all boxes unchecked. </p> <p> <b>How to Disable the Firewall. </b> On the other hand if you wish to disable the firewall and leave all services accessible from the outside, check <span class="guilabel">Everything (no firewall)</span>, but please bear in mind that this is <span class="emphasis"><em>very insecure</em></span>, and therefore not recommended. </p> </div> <div class="section" lang="pt-BR"> <div class="titlepage"> <div> <div> <h3 class="title"><a name="d5e5251"></a>3.2. Activating Interactive Firewall Feature </h3> </div> </div> </div> <div class="figure"><a name="tinyfirewall-ifw-interface"></a><p class="title"><b>Figura 8.7. Interactive Firewall Options</b></p> <div class="figure-contents"> <div class="mediaobject" align="center"><img src="images/tinyfirewall-ifw-interface.png" align="middle" alt="Interactive Firewall Options"></div> </div> </div><br class="figure-break"> <p> <b>Stay Informed of Connections on your Machine. </b> <span class="inlinemediaobject"><img src="images/drakconnect-connected-icon.png"></span>The interactive firewall can warn you of connection attempts on your machine by displaying alert popups through the network applet. Check the <span class="guilabel">Use Interactive Firewall</span> option to activate this feature. </p> <div class="variablelist"> <dl> <dt><span class="term"><a name="BIdNEW-tinyfirewall-te1"></a><span class="guilabel">Port scan detection</span></span></dt> <dd> <p><a name="BIdNEW-tinyfirewall-pa7"></a>Activate this option to be warned of malicious attempts to access your machine. </p> </dd> <dt><span class="term"><a name="BIdNEW-tinyfirewall-te2"></a>Other entries corresponding to open ports</span></dt> <dd> <p><a name="BIdNEW-tinyfirewall-pa8"></a>Next you are shown a checkbox for each port you have chosen to open during the previous step. Activating them will popup a warning each time a connection attempt is made on those ports. </p> </dd> </dl> </div> </div> <div class="section" lang="pt-BR"> <div class="titlepage"> <div> <div> <h3 class="title"><a name="d5e5281"></a>3.3. Which Interface(s) to Protect </h3> </div> </div> </div> <p><a name="BIdNEW-tinyfirewall-pa3"></a>The next step consists of selecting the network interface connected to the Internet. </p> <div class="figure"><a name="tinyfirewall-interface"></a><p class="title"><b>Figura 8.8. The Internet Interface</b></p> <div class="figure-contents"> <div class="mediaobject" align="center"><img src="images/tinyfirewall-interface.png" align="middle" alt="The Internet Interface"></div> </div> </div><br class="figure-break"> <p><a name="BIdNEW-tinyfirewall-pa4"></a>If you don't know which interfaces you have connected for the Internet, you can check the system network configuration (see <a class="xref" href="internet-connection.html#drakconnect-manage" title="1.2. Centro de Rede: Reconfigurando e Monitorando Interfaces de Rede">Seção 1.2, “Centro de Rede: Reconfigurando e Monitorando Interfaces de Rede”</a>). You can finally click <span class="guibutton">OK</span> to install the required packages, activate the firewall and enjoy your secure Internet connection. </p> </div> </div> <div class="navfooter"> <hr> <table width="100%" summary="Navigation footer"> <tr> <td width="40%" align="left"><a accesskey="p" href="drakperm.html">Anterior</a> </td> <td width="20%" align="center"><a accesskey="u" href="mcc-security.html">Acima</a></td> <td width="40%" align="right"> <a accesskey="n" href="drakinvictus.html">Próxima</a></td> </tr> <tr> <td width="40%" align="left" valign="top">2. Controlando Permissões de Arquivos com o DrakPerm </td> <td width="20%" align="center"><a accesskey="h" href="index.html">Principal</a></td> <td width="40%" align="right" valign="top"> 4. Redundância de Interface de Rede e Firewall</td> </tr> </table> </div> </body> </html>