
Most advanced Linux firewall GUI options


23 replies to this topic

#1 shadow_647

shadow_647

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:39 AM

Posted 06 December 2016 - 11:08 AM

Been a while since I looked into it, and I do use Mint on my laptop. Sadly, I like firewalls and most of the GUI/firewalls for Linux don't do it for me.

One I like for Windows "works on all versions from 95~XP" is Filseclab. It's open source too, too bad no one ported it to Linux.

Not a good firewall by itself mind you; if it crashes it doesn't lock the network, so sadly I don't use it by itself but in combo with other firewalls in Windows and stack 'em back to back.

Found Vuurmuur firewall, that one looks decent but I haven't tested it yet. Graphics for it look like it came from DOS 6.22 command line years lol, sad.

Don't know if it's for Linux distros though or a standalone OS.

https://www.youtube.com/watch?v=5LbF95Rfkac

Things like Firestarter, UFW do little for me, and I'm talking about GUI for Linux desktop distros, not standalone edge-firewall Linux OS. Really sad in a way, blackhats get BackTrack/Kali Linux style OS and what do the whites get? Jack.

As well, any app or program that tries to use any network should be "A" blocked if no rules are set up for it and "B" user should be asked what to do if it happens.

As well, anyone know about any Linux distros that fall in the category of cyber defense style for white hats?

The good side of the force style and the reverse of what BackTrack/Kali is.

 


 


#2 HolyCowz

HolyCowz

  • Members
  • 168 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:GMT
  • Local time:05:39 PM

Posted 06 December 2016 - 12:42 PM

I wouldn't say Kali was black hat.

To me it's a tool made not for black hats but for penetration testing, so in a way it's for the white hats: to make sure a network is secure you attack it, trying to find a weakness, and patch what you find.

It's the people that are black hat, not the tool, in this case for Kali.

Gufw isn't bad and as long as you know what you're doing you can tighten things up considerably by entering your own rules.

Qubes I think falls in the realm of a defensive OS, certainly more secure that's for sure, but remember nothing is foolproof; there is a way around everything given time and motive. Take a look at the video below.

About Qubes

Qubes website

https://www.qubes-os.org/

No matter what you do for cyber defense someone will get round it in the end; best you can do is tighten up and hold on lol.
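
Added example, not part of any post in this thread: the kind of hand-entered rules Gufw manages through its ufw backend, here a default-deny policy in both directions with an outbound allowlist, followed by a summary of the outbound attempts ufw logged as blocked. The 53/80/443 allowlist mirrors the ports named later in the thread; the helper function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: default-deny ufw policy plus a review of what it blocked.
# Dry run by default (commands are printed); APPLY=1 as root executes them.

run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# egress_rules PORT/PROTO...   (hypothetical helper, not a ufw command)
egress_rules() {
    for spec in "$@"; do            # validate everything before changing anything
        port=${spec%/*}; proto=${spec#*/}
        case $port in ''|*[!0-9]*) echo "bad port: $spec" >&2; return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
            { echo "bad port: $spec" >&2; return 1; }
        case $proto in tcp|udp) ;; *) echo "bad proto: $spec" >&2; return 1 ;; esac
    done
    run ufw default deny incoming
    run ufw default deny outgoing   # nothing leaves without an explicit rule
    for spec in "$@"; do
        run ufw allow out "$spec"
    done
    run ufw logging on              # drops are logged (rate-limited) as [UFW BLOCK]
    run ufw --force enable
}

# blocked_outbound: kernel log on stdin -> "count dst:port/proto", busiest first.
# Outbound entries have an empty IN= and a filled OUT= interface.
blocked_outbound() {
    awk '/\[UFW BLOCK\]/ && / IN= / && / OUT=[^ ]/ {
        dst = dpt = proto = "?"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^DST=/)   dst   = substr($i, 5)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = tolower(substr($i, 7))
        }
        n[dst ":" dpt "/" proto]++
    }
    END { for (k in n) print n[k], k }' | sort -k1,1nr -k2
}

# Constructed, abbreviated log lines using documentation addresses.
SAMPLE_LOG='Dec  6 11:08:01 mint kernel: [UFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.10 DST=203.0.113.5 PROTO=TCP SPT=51234 DPT=6667 SYN
Dec  6 11:08:04 mint kernel: [UFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.10 DST=203.0.113.5 PROTO=TCP SPT=51236 DPT=6667 SYN
Dec  6 11:09:10 mint kernel: [UFW BLOCK] IN= OUT=wlan0 SRC=192.168.1.10 DST=198.51.100.7 PROTO=UDP SPT=40000 DPT=123
Dec  6 11:09:30 mint kernel: [UFW BLOCK] IN=wlan0 OUT= SRC=198.51.100.9 DST=192.168.1.10 PROTO=TCP SPT=4444 DPT=22 SYN'

egress_rules 53/udp 53/tcp 80/tcp 443/tcp
printf '%s\n' "$SAMPLE_LOG" | blocked_outbound
```

ufw filters packets and does not prompt per application, so reviewing the blocked-outbound summary and adding an allow rule by hand is the manual stand-in for an "ask the user" dialog.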



#3 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:39 AM

Posted 06 December 2016 - 01:41 PM

Qubes looks very interesting, tnx for video, watched the whole thing, I love stuff like that.

A setup like that should help but it's not 100% what I was talking about, but it's part of it, looks like a big pile of sandboxing :grinner:

Still it's not as good as the firewall setup like I have on my WinXP box. I have 3 software firewalls back to back and I see all with 'em. If I really start wondering what's going on I'll launch Wireshark. Of course, if the system I'm using is infected you need to check what's going on down the pipe from a different computer, seeing as what you might be looking at on the main computer could all be lies.

A good rootkit can more or less make you see or not see anything it wants.

BotHunter is something I wouldn't mind having built into a defense "white hat" OS as well, though having it in a dedicated edge-firewall server makes more sense. Wanted to set this up for a long time but haven't.

Of course a setup like that needs 2 computers. Sadly most of the edge-firewall OSes don't do as much as I'd like 'em to, for example iptables can't run Wireshark.

http://www.bothunter.net/index.html

Be nice to have piles of network logs running all in real time with piles of firewalls and defenses and something like Wireshark running too so you can see all + tools to fight back at the same time.

Shame I haven't won the jackpot lottery, like 60 mill. I'd spend some of it to fund a new Linux OS system/distro, might need more than one box and screen to run, and maybe call it Linux cyber defense HQ or something catchy :whistle:

Like something so over the top it's not even funny, just like BackTrack is, just the other side of the force.



#4 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:09:39 AM

Posted 06 December 2016 - 02:36 PM

Kali isn't Blackhat, but yes unfortunately some do use it the wrong way. If you need a distro for white hats, my fave is BlackArch, ParrotSecOS, BackBox.

But if you're going for the best firewall, I'd go with either QubesOS or Parrot.

I myself use BlackArch, alongside Parrot, and Parrot has built-in I2P and Tor as an extra layer.

For the rootkit thing, I put a rootkit on my TestLinux machine and after a while it wouldn't do anything, so I used chkrootkit -X and it DESTROYED the rootkit.


Edited by Viper_Security, 06 December 2016 - 02:43 PM.

    IT Auditor & Security Professional



#5 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:39 AM

Posted 06 December 2016 - 03:11 PM

Fine ok ok blue hats then, don't want to offend anyone :P

 

BlackArch looks evil lol, wish like the others it wasn't all bash/command line, all GUI for toolz would be nice. Still an offense not defense OS.

ParrotSecOS is offense too.

BackBox, it's called black lol, what more is there to say.

https://www.trendmicro.com/us/security-intelligence/current-threat-activity/global-botnet-map/

botnet-visualizer.png

botnet-tracker.jpg

Somehow I doubt any of them have this installed by default.

You know I still have my collection of toolz from my Win98SE years. Sadly when I went looking for 'em to download just for the hell of it, or old junk like it, I couldn't find any FTP servers or sites that were hosting files like that, don't know why. It's all dark age stuff that's good for nothing in 2017 in any case.

Of course even if the old junk was hosted for download it would only be used for ethical hacking research :ph34r:



#6 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:09:39 AM

Posted 06 December 2016 - 03:19 PM

No pentesting distro is made specifically for "offense" per se, and Parrot has quite a few GUI tools. Also, no distro is going to come with a botnet map. I use Shodan for that, it is web based.

And doubt all you will, I use them, I know what they have haha. No distro is going to come with something like what you posted unless you make it.

Also, don't let the name of the distro fool you, BlackArch is VERY powerful, so is BackBox and Parrot.

But I suppose yes, if your intent is offensive, then we cannot help.




#7 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:03:39 AM

Posted 06 December 2016 - 04:16 PM

You can actually install all the stuff on Kali into basically any Buntu based distro.



#8 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:39 AM

Posted 06 December 2016 - 05:27 PM

Not to be rude Viper, and I do appreciate your input, but did you smoke something before posting?

Viper: Kali isn't Blackhat, but yes unfortunately some do use it the wrong way. If you need a distro for white hats, my fave is BlackArch, ParrotSecOS, BackBox.

All the OSes here are penetration testing OSes, meaning offense blue/black hat OSes, and none probably even come with something as basic as Firestarter.

Viper: No pentesting distro is made specifically for "offense" per se, and Parrot has quite a few GUI tools

Penetration testing = offense, meaning hack your way in past defenses. If you are paid/hired to do it and report your findings then you're a blue hat; if you do it to steal everyone's emails then try and blackmail people after then you're a black hat.

Viper: But I suppose yes, if your intent is offensive, then we cannot help.

Defense not offense, not tools for attacking, tools "like a good firewall" for defense.

As well, if the rootkit used can be removed with a simple chkrootkit -X, meaning a classic rootkit scanner, that means the rootkit used is of little use. A good rootkit should be tested vs all known defenses to see if it can pass the test and stay hidden before even being used.

Ya NickAu, I know what you mean, just blows, no good firewalls for Linux :unsure:



#9 HolyCowz

HolyCowz

  • Members
  • 168 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:GMT
  • Local time:05:39 PM

Posted 06 December 2016 - 05:33 PM

If you want a good firewall then use a hardware one: use an old PC and put pfSense on it, or one of the other open source free firewalls.

Here is a vid on pfSense.

You can also use Snort to spot attacks.

https://www.snort.org/

The trouble with an offensive OS is it is easy to attack and write malware etc., but defense is very hard, so much harder than attack.

With defense you have to first discover a vulnerability before the bad guys and then understand it to defend from it. That takes time; all the time you're at the mercy of the said vulnerability. This is why I suggested Qubes, as it compartmentalizes things, making a good foundation to build from and create a defensive system from.

Kali isn't black hat at all, it's a penetration testing tool and is meant for the good guys, that's why Kali has forensics in it too, but it does get used by some for bad things.

I think the defensive OS you have in mind doesn't exist yet lol. Your best bet is to make your own from different bits of software on a reasonably secure OS.

Have a look at some of the 3rd party projects too on the Snort site, also maybe things you can use there.

Like I say, I'd build up from a secure OS, maybe use Kali or Parrot and test your network once you're done.

 {O..O}


Edited by HolyCowz, 06 December 2016 - 06:23 PM.


#10 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:09:39 AM

Posted 06 December 2016 - 05:39 PM

Yes, I did. And I'm not sure about you, but I have been an IT Auditor for 10 years and counting.

Just because you can use it offensively does NOT mean that is its sole purpose.

I break in, and report flaws. I'm a White hat, meaning what I do is Ethical. I have permission, and SEVERAL contracts.

You obviously must not be familiar with the distros if you think they can only be used offensively.

And if you're THAT worried about it, it makes me question your intent, but if you are, read up on Whonix, it's made for advanced security.

No need to get yourself twisted up over a simple suggestion. Chill.

And as HolyCowz has said, defense is much harder than offense. Any ol' SKid can do offense, but white hats, grey hats, black hats, they can write code to counter. SKids cannot.


Edited by Viper_Security, 06 December 2016 - 05:43 PM.



#11 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:39 AM

Posted 06 December 2016 - 07:33 PM

Well Whonix just seems to be Linux + Tor + sandbox.

I can already do both on WinXP and my setup is so locked down nothing gets in or out anymore. As for myself, I have 35 years of understanding when it comes to PCs and I'm a repair tech / gamer / overclocker. Started with Apple ][ computers "1 MHz CPU" and still have my books on coding, used to program for Apple ][ computers. Real books for coding on an Apple ][ are worth something from what I understand "1978".

Used to be pro at MS-DOS and QBasic but sadly I know little now when it comes to coding :mellow:

Guess I got old and a good GUI OS makes you lazy.

I should go back to school and learn how to code once more.

And if you do what you say you do that means you're a blue hat not a white, but the lines from one hat color to the other at times get blurred, and it's nicer to say white in any case lol, I do that too sometimes. If I'm anything myself I'm more of a gray script kiddy kind of thing, mostly just an old computer vet that's seen a lot in 35 years of computing.

Mostly my thing used to be doing security research with what tools I have and blasting about it on forums if I found anything.

btw

Viper: I break in

offense.

And ya, good info HolyCowz. When it comes to distros like iptables I think I have like 10 or more already on DVD ready to go, just wish it was possible to have something like that built right into a desktop version of Linux and/or firewalls as nice as the ones for Windows.

What is BackTrack and the like used for?

https://www.youtube.com/results?search_query=backtrack+rc3

So what do you see? lolz

I know what I do when I just look at the vid names without even watching 'em.

HolyCowz: I think the defensive OS you have in mind doesn't exist yet lol Your best bet is to make your own from different bits of software on a reasonably secure os.

In my case it's WinXP with monster mods and 3 firewalls just on the OS + an IP blacklist + Wireshark, but you're right, the real OS I'd like to see sadly isn't made yet. Guess there's more cash to be made with making botnets and stealing everyone's credit card numbers than there is protecting 'em with a free OS and free-to-use software.

When it comes to defense it's costly, just look at a hardware firewall, $1000 for a decent one.



#12 Viper_Security

Viper_Security

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:09:39 AM

Posted 06 December 2016 - 07:40 PM

@shadow_647 There's MANY languages to learn :) My favorite is Python and Ruby. But some people now are into HTML+CSS for some reason.

def hotel_cost(nights):
    # Flat rate of 140 per night.
    return 140 * nights


def plane_ride_cost(city):
    # Fixed fare per destination city.
    if city == "Charlotte":
        return 183
    elif city == "Tampa":
        return 220

Above is a tiny piece of my TripCalc program.

Python is quite simple to learn, check it out!




#13 pcpunk

pcpunk

  • Members
  • 6,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:39 AM

Posted 06 December 2016 - 11:09 PM

What about these?

http://linuxbsdos.com/2011/07/22/3-graphical-clients-for-managing-the-uncomplicated-firewall/

 

Here are some GUIs for iptables

http://www.iptables.info/en/iptables-gui.html


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#14 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 901 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 07 December 2016 - 01:30 AM

 

shadow_647: Still it's not as good as the firewall setup like I have on my WinXP box

 

Doesn't matter what firewall setup you have for XP, XP is not supported any more, so any exploits are no longer being patched by Microsoft.

 

There are any number of ways onto a system that a firewall does not protect against, so having a good firewall on an unsecure system will not make it safe.

 

XP is not secure, and cannot be made secure, so should not be "exposed" to the internet.

 

 



#15 shadow_647

shadow_647
  • Topic Starter

  • Banned
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:39 AM

Posted 07 December 2016 - 04:32 AM

Ya, good links pcpunk, tnx!

But sadly they're very basic, but that's the best it gets for Linux last I checked. If you have Wine/VM and can run a copy of Win98, check out ZoneAlarm 5.5 + VisualZone add-on for it, and that was from 1998-ish, worlds better than what you can get for Linux :mellow:

Used that topic for a long time in Win98, it was the bleep once, if you don't mind it being spyware some. Old topic, I won't get into it, but from what I remember you can turn it off if you know what you're doing with it.

 

http://www.oldapps.com/zonealarm.php?old_zalarm=8

https://visualzone.en.uptodown.com/windows

 

visualzone-001.jpg

visualzone-003.jpg

 

 

Gary R:  Doesn't matter what firewall setup you have for XP, XP is not supported any more, so any exploits are no longer being patched by Microsoft.

 

There are any number of ways onto a system that a firewall does not protect against, so having a good firewall on an unsecure system will not make it safe.

 

XP is not secure, and cannot be made secure, so should not be "exposed" to the internet.

 

Well I have a hardware firewall + 3 software firewalls in XP + 50% of services disabled + all default Microsoft ports disabled "netstat shows nothing" + updated antivirus + a lot more mods than that, and it still has patches up to 2019 if you know how to get 'em. Can't really talk about that one here though, so that's all I say about the patch topic.

And I used my copy of WinXP for some years at one point only doing research with the setup I have. Only open ports were 53, 80, 443, rest all 100% blocked. Good luck hacking the newest version of Firefox + lot of mods + no Flash Player + no Java.

As well, 90% of infections are social engineering attacks. If you keep clicking on "yes I want to install" and you don't read the legal agreement if it comes with one, then you're done every time, and that works vs any version of Windows.

Btw, last I checked "some days ago" something like 20% of all computers in China are still XP, global it's like 10%.

In any case when it comes to unsecured versions of Windows just look at Win10, lolz that's not unsecured in my mind and can never be.

Could you give an example of an exploit for WinXP that's not patched that I'm at risk of? And I'll let you know if it would work vs my setup.





