3. Securing your Internet Access via DrakFirewall

This little tool allows you to set up a basic firewall on your machine. It filters connection attempts made from the outside, and blocks unauthorized ones. It's a good idea to run it just after installing your machine and before connecting to the Internet, therefore minimizing the risks of your machine being cracked.

Figure 18.5. The DrakFirewall Window

The DrakFirewall Window

If checked, uncheck the Everything (no firewall) box, and then check the boxes corresponding to the services you wish to make available to the outside world. If you wish to authorize a service which isn't listed here, click on Advanced to manually enter the port numbers to open.

[Tip]Tip

The Advanced button opens an Other ports field where you can enter any port to be opened to the outside world. Examples of port specifications are presented just above the input field: use them as a guide. It's possible to specify port ranges by using the : syntax such as 24300:24350/udp.

Not checking a service in this list won't disallow you from connecting to it. It will only prevent people from the Internet to connect to that service on your machine. If you don't plan on hosting any service on your machine (common case for a desktop machine) just leave all boxes unchecked.

On the other hand if you wish to disable the firewall and leave all services accessible from the outside, check Everything (no firewall), but please bear in mind that this is very insecure, and therefore not recommended.

Then clicking on OK will bring you to the next step, which consists of selecting the network interface connected to the Internet.

Figure 18.6. The Internet Interface

The Internet Interface

Refer to the examples to determine the name of your interface to the Internet. If you're unsure, you can check the system network configuration (see Section 1.3, “Reconfigure Interfaces”). You can finally click OK to install the required packages, activate the firewall and enjoy your secure Internet connection.