Hello John,
On Thu, April 22, 2010 22:38, john lewis wrote:
> However I am not sure my handwritten table is secure/comprehensive
> enough. Could I use shorewall, firehol etc to generate iptables on my
> local system then scp them to the server?
>
> I realised I need to do something to make my server more secure as a
> result of a long thread on the bitfolk user list.
I'm also a bitfolk client, and I use a tool called FW Builder. It's a
GUI-based policy builder that can "compile" your security policy to a
shell script. It also has the capability to SCP the script over to your
host, and to activate it via SSH. It is easy enough to use, and it mimics
object-oriented firewall front-ends like the Checkpoint Firewall One
family. It's a good tool to use, especially if you want to make sure you
are OK in terms of security. Yes, it is also true that you won't win any
geek points using it, but the flipside is that I would rather be outside
in the sun walking the dog of flying a kite with my boy... :-)
You can find out more about FW Builder on the main project website:
http://www.fwbuilder.org/
--
Regards,
Jan Henkins
