Table of Contents
Advertisement
36
If you choose Medium, your firewall will not allow remote machines to have access to certain
resources on your system. By default, access to the following resources are not allowed:
Ports lower than 1023 — the standard reserved ports, used by most system services, such as
•
FTP, SSH, telnet, and HTTP
The NFS server port (2049)
•
The local X Window System display for remote X clients
•
The X Font server port (by default, xfs does not listen on the network; it is disabled in the font
•
server)
If you want to allow resources such as RealAudio™ while still blocking access to normal system
services, choose Medium. Select Customize to allow specific services through the firewall.
No firewall
No firewall provides complete access to your system and does no security checking. Security
checking is the disabling of access to certain services. This should only be selected if you are
running on a trusted network (not the Internet) or plan to do more firewall configuration later.
Choose Customize to add trusted devices or to allow additional incoming services.
Trusted Devices
Selecting any of the Trusted Devices allows access to your system for all traffic from that device;
it is excluded from the firewall rules. For example, if you are running a local network, but are
connected to the Internet via a PPP dialup, you can check eth0 and any traffic coming from your
local network will be allowed. Selecting eth0 as trusted means all traffic over the Ethernet is
allowed, put the ppp0 interface is still firewalled. If you want to restrict traffic on an interface,
leave it unchecked.
It is not recommended that you make any device that is connected to public networks, such as
the Internet, a Trusted Device.
Allow Incoming
Enabling these options allow the specified services to pass through the firewall. Note, during a
workstation installation, the majority of these services are not installed on the system.
DHCP
If you allow incoming DHCP queries and replies, you allow any network interface that uses
DHCP to determine its IP address. DHCP is normally enabled. If DHCP is not enabled,
your computer can no longer get an IP address.
SSH
Secure SHell (SSH) is a suite of tools for logging into and executing commands on a remote
machine. If you plan to use SSH tools to access your machine through a firewall, enable this
option. You need to have the
machine remotely, using SSH tools.
Telnet
Telnet is a protocol for logging into remote machines. Telnet communications are unen-
crypted and provide no security from network snooping. Allowing incoming Telnet access
is not recommended. If you do want to allow inbound Telnet access, you will need to install
the
telnet-server
Chapter 3. Installing Red Hat Enterprise Linux WS
openssh-server
package.
package installed in order to access your
Advertisement
Table of Contents
Related Manuals for Red Hat ENTERPRISE LINUX WS 2.1
Related Products for Red Hat ENTERPRISE LINUX WS 2.1
- Red Hat NETWORK WORKGROUP
- Red Hat ENTERPRISE LINUX 5.1 - LINUX ORACLE
- Red Hat ENTERPRISE LINUX 5.5 - TECHNICAL NOTES
- Red Hat ENTERPRISE LINUX 3 - FOR IBM ESERVER ISERIES AND IBM ESERVER PSERIES
- Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE
- Red Hat ENTERPRISE LINUX 3 - USING BINUTILS
- Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE
- Red Hat ENTERPRISE LINUX 4 - DM MULTIPATH
- Red Hat ENTERPRISE LINUX 4 - LVM ADMINISTRATOR
- Red Hat ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE
- Red Hat ENTERPRISE LINUX 4 - USING BINUTILS
- Red Hat ENTERPRISE LINUX 4 - STEP BY STEP GUIDE
- Red Hat ENTERPRISE LINUX 5 - DM MULTIPATH
- Red Hat ENTERPRISE LINUX 4.5.0 -
- Red Hat ENTERPRISE LINUX 5.1 DM MULTIPATH
- Red Hat ENTERPRISE LINUX 5.1 - LVM ADMINISTRATION
Need help?
Do you have a question about the ENTERPRISE LINUX WS 2.1 and is the answer not in the manual?