Gufw or firestarter?? which is a better option for Ubuntu ?

[Servant]

Hey guys i have Ubuntu 9.10 installed on my system and wish to know which is a better graphical user interface for iptables on my computer??I am going to install openssh on my computer and then am going to use port forwarding through modem so i can access the server from any place i want to.I am also interested in creating a samba share to transfer files with Windows pc's.I am trying my best to transfer from Windows to linux as is evident here,so i need a few guidelines for this on my queries mentioned above.Thanks in advance.

[Milton.J]

Well what you seem to be doing doesn't make much sense. By default all ports are closed on Ubuntu. A firewall is there to protect you from outside attacks and unwanted connections made to your computer from outside. If you plan to use sshd and install a firewall,you will have to make a compromise and thus compromise your security as well. A firewall is there to prohibit access and will close ports,so you won't be able to reach it with sshd.You will have to make a decision on whether you wish to risk your computer like this which in my humble opinion is a bad idea.

[Spyrus]

You better take some good measures so that you can blacklist unwanted ip addresses from accessing that ssh server. Firestarter is a good GUI in the sense that it always does what you want. In my case i like it because it always assures me that everything is alright in terms of security. I hope you read on some of the how to's on the internet about using ssh because this is a high level risk and many systems get compromised because of that very easily. You need to be aware of things like various ports,bans,ip lists etc if you are venturing in to this territory,so proceed with caution. Good luck

[Snake08]

Well Firestarter is a dead project as far as i am concerned so i would recommend you to go for Gufw which is a very good front end application for iptables on a linux operating system. Brute force attacks are common on ssh servers and you need to take efficient measure to avoid that. Weak passwords is again another common problem with ssh server security. Modifying iptables is a reasonable option if you wish to limit the number of unsuccessful attempts to say 3-5 wrong logins. Security is an evergreen process which is always active and you can't just rest by installing a firewall.

[Zachary]

Go for gufw instead of firestarter if you plan on changing the rules in iptables because its syntax can get pretty messy if you do not do it properly,not to mention your computer is then directly under a security risk. Use the following command to ban an ip address after 3 unsuccessful login attempts.

sudo apt-get install openssh-server denyhosts

You can modify denyhosts to increase the number of attempts to say 5 tries for a particular ip address,block that ip address for all services and not just ssh or expire the bans after some time and so on. Denyhosts can easily be configured to ban an ip address from all services. Your iptables can do this limitation manually if you know how to write the rule first,which is very important.

[Big Fish]

I have been using gufw without any problems till now so i would suggest that front end application to you.These are all just front end graphical user interfaces and it won't matter much if you try and understand how iptables work first.I have been using fail2ban for quite some time now without any issues with ssh.Fail2ban is supposed to work with most of the services you normally use like http,ftp etc so it is worth installing in my opinion.Fail2ban works through the iptables or the firewall while denyhosts works through modification of the /etc/hosts file.My opinion from my experience is that you should go for fail2ban.