Saturday, July 4, 2009

Installing Firestarter

No, we are not installing a copy of Drew Barrymore’s early work. We are installing one of the most essential parts of a sound computer security plan, the firewall. Over the years, the term “firewall” has been misunderstood by some. It is sometimes defined as a tool that restricts access to certain web sites. Although some firewalls contain such content filters, this is not the main purpose of a firewall. A firewall is a tool that restricts access to a computer system or network by controlling access to a computer’s ports, which serve as endpoints to data connections. In Ubuntu, the default installation does not open any ports on the computer. Most computer systems have no need for any ports to be opened, so opening no ports during installation does not hinder the performance of the computer.

If Ubuntu does not open any ports at installation, why do you need a firewall? Good question. Although you have no open ports on your computer from the start, you may decide to open certain ports later for features such as remote access, or to host a web server. In any event, when a port on the computer is opened, you need a firewall. If you decide to keep the installation as is and not to open any ports, a firewall can still provide you with important security information. When running a firewall, you are provided information about other computers that are scanning your computer for open ports. While most of these scans are just random, should you see that a particular computer is continually scanning your computer, you may have a problem that you need to contact your Internet provider about.

As you become more comfortable with Ubuntu, you may want to set policies on Firestarter. Policies are the rules that the firewall must abide by and are broken down into inbound and outbound policies. By default, Firestarter adheres to the following policies:

• New inbound connections from the Internet to the firewall or client hosts are blocked.

• The firewall host is freely allowed to establish new connections.

• All client hosts are allowed to establish new connections to the Internet, but not to the firewall host.

• Traffic from the Internet in response to connection requests from the firewall or client hosts is allowed back in through the firewall.
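Firestarter is a front end for the kernel's netfilter/iptables packet filter, so the four default policies can be read as a small stateful ruleset. The following is an added example, not from the original page and not the rules Firestarter itself generates; the interface names `eth0` and `eth1` are assumptions, and NAT for connection sharing is not shown.

```shell
#!/bin/sh
# Added example, not Firestarter's own generated rules: the four default
# policies written as an iptables-restore ruleset.
# Assumed names: ext_if = Internet-facing device, lan_if = device facing
# client hosts (only present when connection sharing is in use).

default_policy_rules() {
    ext_if="$1"
    lan_if="${2:-}"

    echo "*filter"
    # Policy 1: nothing new from the Internet reaches the firewall host
    # (INPUT) or the client hosts behind it (FORWARD) unless a rule allows it.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    # Policy 2: the firewall host may open any new connection.
    echo ":OUTPUT ACCEPT [0:0]"
    # Loopback traffic never leaves the machine.
    echo "-A INPUT -i lo -j ACCEPT"
    # Policy 4: replies to connections the firewall host started come back in.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    if [ -n "$lan_if" ]; then
        # Policy 4 again, for replies to connections the clients started.
        echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
        # Policy 3: clients may start connections out to the Internet.
        # No INPUT rule accepts new traffic from the client-side device, so
        # new connections from clients to the firewall host fall to DROP.
        echo "-A FORWARD -i $lan_if -o $ext_if -m conntrack --ctstate NEW -j ACCEPT"
    fi
    echo "COMMIT"
}

# Print the ruleset for a single machine on eth0 (no client hosts).
default_policy_rules "${EXT_IF:-eth0}" "${LAN_IF:-}"
```

The output can be checked for syntax, without being applied, by piping it to `iptables-restore --test` as root.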

Installing Firestarter is simple. Start by going to the Applications menu, and then go to Add/Remove. When the Add/Remove tool is launched, search for the term “Firestarter” in all available applications. Now go through the normal application installation procedures as you have in the past. Once the software is installed, you will need to go to Applications | Internet | Firestarter to launch the program. Once you do this, you will be asked to provide your password. There’s that security at work!

When you click Forward on the welcome screen, you are brought to the Network Device Setup screen. On this screen, you will see the device that allows you to connect to the Internet. Most people will see Ethernet Device (eth0). If you have something different, that is okay. Ubuntu and Firestarter have worked together to determine the network device your computer uses to connect to the Internet, so select whatever the Network Device Setup screen provides for you.

The next part is important. If you did not give your network device an IP address, check IP Address Is Assigned Via DHCP. If you do not remember whether you gave your device an IP address, then check this box. Most people will wind up with this box checked. Now you can click Forward.

If you selected IP Address Is Assigned Via DHCP in the previous screen, leave this screen blank and click Forward. Although you may be sharing an Internet connection at home, the Enable Internet Connection Sharing option has a different meaning. This is for computers that allow other computers to connect through their device. It’s unlikely anyone reading this book will need to select this, but if other computers connect through your computer, then check this box.

You’ve reached the final configuration stage. Make sure that the Start Firewall Now box is checked and click Save.

Once you click Save, the Firestarter window opens. You can take some time to look over the different options that the firewall has, but don’t change anything, especially the policies. You could disable your ability to get onto the Internet if you set these improperly. Although policies are beyond the scope of this book, the Ubuntu forums provide plenty of information regarding Firestarter. Again, this is one of the benefits of using Ubuntu-supported software! Now, if you want to see Firestarter actually do something, leave this window open, and then open the Firefox web browser. Surf to a couple of sites, and then go back to Firestarter.

Note that the Received and Sent fields have changed. That is because this firewall will log the amount of data transferred on the network device that is active. This information can be helpful because if you are not on the Internet and you notice a heavy amount of traffic on your network device, someone or something may be transferring data without your knowledge.
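Byte counters show volume; the blocked-connection log shows who is knocking. To pick out the computer that keeps scanning you, as described earlier, this added example (not from the original page) counts the distinct blocked destination ports per source address in netfilter LOG lines. It assumes blocked connections are written to the kernel log by the LOG target; the `FW-BLOCK` prefix, the abbreviated sample lines and the threshold are constructed.

```shell
#!/bin/sh
# Added example: find sources that probe many different ports.
# Assumes netfilter LOG lines; the "FW-BLOCK" prefix is made up.

# Constructed sample lines (documentation address ranges, fields abbreviated).
sample_log() {
cat <<'EOF'
Jul  4 10:00:01 host kernel: FW-BLOCK IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=22 SYN
Jul  4 10:00:02 host kernel: FW-BLOCK IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40002 DPT=23 SYN
Jul  4 10:00:03 host kernel: FW-BLOCK IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40003 DPT=80 SYN
Jul  4 10:00:04 host kernel: FW-BLOCK IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=445 SYN
Jul  4 10:00:05 host kernel: FW-BLOCK IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40004 DPT=443 SYN
Jul  4 10:07:10 host kernel: FW-BLOCK IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP SPT=51001 DPT=445 SYN
Jul  4 10:09:30 host kernel: FW-BLOCK IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=ICMP TYPE=8 CODE=0
Jul  4 11:30:00 host kernel: FW-BLOCK IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40009 DPT=3389 SYN
Jul  4 11:30:01 host kernel: FW-BLOCK IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40010 DPT=22 SYN
Jul  4 11:31:00 host kernel: FW-BLOCK IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.7 PROTO=TCP SPT=33000 DPT=6667 SYN
EOF
}

# repeat_scanners MIN_PORTS
# Reads log lines on stdin and prints "SOURCE DISTINCT_PORTS TOTAL_HITS" for
# every source that was blocked on at least MIN_PORTS different ports.
repeat_scanners() {
    awk -v min="$1" '
    / IN=[^ ]+ / {                      # inbound only: IN= names a device
        src = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            else if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src == "" || dpt == "") next   # e.g. ICMP has no port
        hits[src]++
        if (!((src, dpt) in seen)) { seen[src, dpt] = 1; ports[src]++ }
    }
    END {
        for (s in ports) if (ports[s] >= min) print s, ports[s], hits[s]
    }' | sort
}

# Sources blocked on four or more different ports in the sample.
sample_log | repeat_scanners 4
```

A source that hits one port repeatedly (198.51.100.20 in the sample) stays below the threshold; a source that walks across several ports over time is the one to report.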

Once you have familiarized yourself with Firestarter, notice the blue circle with a black arrowhead in your top toolbar. This is an icon to open the Firestarter window and lets you know that the firewall is active. If you click this icon, the Firestarter window will disappear, but the firewall will still protect your computer. If you close the Firestarter window, you will close the program and risk running without firewall protection.
