Linux tips and tweaks
3 graphical firewall utilities to protect your PC
In the first part of this article we looked at the way in which you can protect your computer from attack by hackers on the internet or on a local area network. Security is more of an issue for Windows users of course, but just because you're using Linux it doesn't mean that you can totally ignore the subject. Linux PCs aren't immune from attack: with the right tools they can be hacked, and someone could gain access and steal information.
In part 1 we saw how to enable UFW (Uncomplicated FireWall), but it is about as far from uncomplicated as you can get. In fact, it's quite hard to use because it doesn't have a graphical user interface and you have to type in complex commands at the Terminal. Some Linux distros provide a utility with a graphical user interface, but some don't, including the popular Ubuntu. Here we take a look at some graphical tools for enabling the firewall and configuring it to protect your PC.
GUFW appears on the System, Administration menu in Ubuntu as Firewall Configuration. Run it and you will see a simple tick box to enable the firewall. The default configuration is to block all incoming connections, but to allow outgoing ones. This is fine: it stops hackers getting in, but allows software to access the internet.
GUFW allows you to add rules and these enable programs that need incoming connections to work. For example, if you click Add to add a rule, you can choose from a short list of programs, such as Transmission, the BitTorrent client. There aren't many preconfigured programs, but manual configuration is easy. Basically, you tell it which port to open and then choose whether to allow all PCs or a specific PC to access it using TCP, UDP or both (whatever program you're using will tell you this in the documentation or help file).
GUFW is aimed at novices who aren't very technically knowledgeable, or people who simply aren't interested in the technical details of a firewall's workings.
Firestarter is a step up from GUFW and is a superior utility. It isn't much harder to use though and the difference is mainly in the more detailed way that Firestarter reports on network activity.
There are three tabs and the home page displays the firewall status (it's a front end for UFW), the total inbound and outbound events, the amount of data sent and received and the active connections. This is very useful for monitoring the computer for suspicious activity and you can see what's happening at any time.
Inbound connections are blocked and outbound ones allowed by default, but you can create rules to allow programs to accept incoming connections. Around a dozen predefined rules are available and you can use them, modify them, or create your own if you know the port number you need to open.
Firestarter is a great utility for home or work PCs, but see Guarddog if you travel with a laptop.
An interesting feature of Guarddog, and one of its best, is that on the Zone tab you can define network zones and have different rules for each one. This could be useful if you travel with a laptop and use it at home, work and at public Wi-Fi hotspots and need to have different security settings. Changing them manually using GUFW and Firestarter would be a problem, but not with Guarddog.
GUFW and Firestarter contain very small lists of applications and services that you might want to enable, but on Guarddog's Protocol tab is a long list of popular programs and services organised into categories. There's chat, data serve, file transfer, game, mail, media and more. In each category are several programs and you just tick the ones you want to enable. It doesn't list everything of course, but it is very useful and it saves you having to configure common programs manually.
The Advanced tab enables you to define your own rules and select the ports you want to open. There is a useful Reset to Factory Defaults that clears all the firewall settings and starts from scratch if you get in a muddle. The software list is great, but it lacks the live display of Firestarter.
All these firewalls are just graphical user interfaces for controlling UFW or iptables, which is built into Linux. Once you have turned on the firewall it remains on even after rebooting and even when GUFW, Firestarter and Guarddog aren't running. These graphical user interfaces just display and enable you to change the rules that iptables uses, and iptables runs all the time. You can run these programs and quit them once you have configured the firewall settings. It is useful to have Firestarter running on the screen though because it has a live display of bandwidth usage and connections.
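Because the rules stay in force whether or not a graphical tool is open, you can check what is actually in effect from the Terminal. The following is an added example, not part of the original article or of any of these tools: it reads the text printed by `sudo ufw status verbose` and flags an inactive firewall, a default incoming policy that is not deny, and any port opened to all PCs rather than a specific one. The function name `audit_ufw_status` and the sample report are constructed for illustration.

```python
import re

# Constructed sample of `ufw status verbose` output, not captured from a real PC.
SAMPLE_STATUS = """\
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
51413/tcp                  ALLOW IN    Anywhere
22/tcp                     ALLOW IN    192.168.1.20
6881/udp                   ALLOW IN    Anywhere
51413/tcp (v6)             ALLOW IN    Anywhere (v6)
"""


def audit_ufw_status(text):
    """Return (findings, rules) for one `ufw status verbose` report."""
    findings, rules = [], []
    status = re.search(r"^Status:\s*(\w+)", text, re.M)
    if not status or status.group(1) != "active":
        findings.append("firewall is not active")
    # "Default: deny (incoming), allow (outgoing)" -> {"incoming": "deny", ...}
    policy = {d: a for a, d in re.findall(r"(\w+) \((incoming|outgoing)\)", text)}
    if policy.get("incoming") not in ("deny", "reject"):
        findings.append("default incoming policy is %s" % policy.get("incoming", "unknown"))
    in_table = False
    for line in text.splitlines():
        if line.startswith("--"):          # separator under the To/Action/From header
            in_table = True
            continue
        # Columns are separated by runs of spaces; "22/tcp (v6)" stays one field.
        cols = re.split(r"\s{2,}", line.strip())
        if not in_table or len(cols) < 3:
            continue
        to, action, source = cols[:3]
        rules.append({"to": to, "action": action, "from": source})
        # An inbound ALLOW from "Anywhere" means every PC can reach that port.
        if action in ("ALLOW", "ALLOW IN") and source.startswith("Anywhere"):
            findings.append("%s is open to any host" % to)
    return findings, rules


if __name__ == "__main__":
    problems, table = audit_ufw_status(SAMPLE_STATUS)
    print("%d rules parsed" % len(table))
    for problem in problems:
        print("CHECK:", problem)
```

To run it against a real machine, pass the captured output of `sudo ufw status verbose` to `audit_ufw_status` in place of the sample text.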