Welcome to kfirewall. This application uses ipchains rules. kfirewall gives you the option to close a port for the rest of your network or the internet. There is a list of the most commonly exploited ports later. There is probably some qt and KDE guru out there who thinks this application sucks, or that the code is poorly. I have to say that I am not a very good coder, the kfirewall code may be poor, or/and bad but it works (here anyway). So if you like it, use it, if not send me a mail with things to change.
kfirewall starts with probing you loopback interface, witch is no good. If you would add some rules to your LAN, use eth0, slip0 or plip0 (eth0 is ethernet, slip0 is serial line, plip0 is pararell line), if you should protect your computer against the internet use ppp0, ippp0 (ppp0 for modem, and ippp0 for ISDN).
I would like to say that I am sorry about all the mess with the vesion number. But I have thought it over, and I think i will begin with three digits instead of two :)
The configuration has been updated, all you have to do to is insert your ethernet IP-address and your netmask. You can find these options at the bottom left of the application.
These are the most commonly exploited ports (options to close the Netbus and Back Orifice ports are provided and are wise to choose if you run masqurading).
Port 20-21
This is the FTP port, it is safest to close this. But if you
use FTP for uploads, or you are running a download server
you should probably not close this.
Port 23
This is the telnet port, which you should keep closed at all times.
Many crackers sniff telnet passwords to penetrate systems. Sniffit (and other ethernet sniffers) are applications
which can obtain the login and password a remote user is using.
If you want your computer to have remote login possibility use SSH.
Port 79
This is the finger port, remote users can use this port to obtain information
about all the users on your computer. If you don't want this "feature" you can safely keep this port closed too.
Port 12345-12346
This is the default netbus ports, netbus is a (script kiddie) trojan which can be used
to take control over your computer. I strongly recommend that these ports are
closed at all times.
Port 31337
This is the default back orifice port, back orifice is another (script kiddie) trojan that
also take control over you computer. I strongly recommended that this port
also is closed at all times.
Add rule will block the port you have specified in the port input. Delete rule will open the port you have specified unless the port is not blocked. You can't open a port witch isen't blocked :-)
This is used to flush all the rules, to get a clean and fresh start.
Masqurading on means allow all connections from your network to access the internet.
This is a brand new option, witch will allow you to view all the current rules in ipchains/ipfwadm.
This is a autoprobe for you eth0 device, and only the eth0 device. It will find your IP address and your netmask. If it dosen't get you IP address, then configure it manualy.
This clears the rule list.
If you get an error message like: "ipfchains/ipfwadm died" then there are several things to check. First, are you running kfirewall as root? If not, then you have to "su" to root (since you must be root to handle ipchains and ipfwadm rules). Second, are ipchains or ipfwadm in your $PATH? If not use "export PATH="$PATH:/usr/sbin:/sbin"" to export a new path. If you do not know where ipchains or ipfwadm is located use the whereis or locate command "whereis ipchains".
No, not yet, but I plan to add that functionality in a later version.
I will like to thank all the people who have sent me mail, offered their
help, and given me tips to make this application good (i hope it is).
Robert E. Lee
rlee@mailhost.access.com
Has provided me with some ipchains scripts, witch I will try to include in the next versions. You can obtain these scripts at http://www.enol.com/~rel/ipchains/
Geir Kristiansen
geir37@online.no
Has provided spellchecking (I have some bad english :-)), and given me a lot
of suggestions regarding kfirewall.
Christian Fernandez
rek2@netnictco.net
Is translating kfirewall into spanish.
Jannik "Bitkid" Nielsen
bitkid@cyberjunkie.dk
Is translating kfirewall into dannish.
Thank you guys!
Kim Andre Norheim 1999 kim-nor@online.no