# Which firewall is running



## Abstract (Mar 7, 2010)

Hi Everyone,

How can I find out which firewall is running on my server? 
It's a vps server which is setup by the hosting company so
I don't know what is installed!

Best Wishes,
Richard


----------



## DutchDaemon (Mar 7, 2010)

There is no default firewall (there are three available, but none are active on a default installation), and I'd be surprised if a vendor installed any firewall without notifying you. Anyway, if there's nothing about firewalls in /etc/rc.conf, and nothing specific shows up in [cmd=]kldstat[/cmd], it's unlikely any firewall was activated.


----------



## Kiiski (Mar 7, 2010)

Hi

 If I understood your question right, you could check /etc/rc.conf to see what kind of firewall is enabled there. 
In case you have not yet seen, good starting point for firewalls in FreeBSD from handbook:

http://www.freebsd.org/doc/handbook/firewalls.html

Hope this helps...


----------



## Abstract (Mar 7, 2010)

Hi Everyone,

Thanks for the quick reply. In /etc/rc.conf there isn't any firewall thats been activate. 
If there isn't any firewall installed isn't the risk of a hack higher? 

Best Wishes,
Arian


----------



## Oko (Mar 7, 2010)

Abstract said:
			
		

> Hi Everyone,
> 
> Thanks for the quick reply. In /etc/rc.conf there isn't any firewall thats been activate.
> If there isn't any firewall installed isn't the risk of a hack higher?
> ...



You should not be connected to Internet if you do not have firewall enabled. It is safe to assume that your machine is already hijacked if you surfed the net without firewall. You should reinstall OS and enable PF.


----------



## aragon (Mar 7, 2010)

Abstract said:
			
		

> If there isn't any firewall installed isn't the risk of a hack higher?


Not as high as a machine setup and maintained by an admin who doesn't understand what a firewall is.


----------



## aragon (Mar 7, 2010)

Oko said:
			
		

> You should not be connected to Internet if you do not have firewall enabled. It is safe to assume that your machine is already hijacked if you surfed the net without firewall.


That's an inaccurate generalisation.  What's a firewall going to help on a machine running no more services than those that need to be public?


----------



## Oko (Mar 8, 2010)

aragon said:
			
		

> That's an inaccurate generalisation.  What's a firewall going to help on a machine running no more services than those that need to be public?


So it is safe to assume that machine running no services needs no firewall? Right?

Cheers,
OKO

P.S. In the real world it is safe to assume that any machine running X is hijacked, including this one which runs OpenBSD and it is heavily firewalled


----------



## dennylin93 (Mar 8, 2010)

It's never too late to start learning. Take a look at one of the firewalls and start using it .

The chances of being hacked aren't very high though, unless you haven't been upgrading your machine or your configuration files have holes in them.


----------



## gkontos (Mar 8, 2010)

Oko said:
			
		

> So it is safe to assume that machine running no services needs no firewall? Right?
> 
> Cheers,
> OKO
> ...


Lets not exaggerate here. The purpose of a firewall is to provide statefull inspection on allowed services. A more sophisticated firewall could enforce RFC standards on some of them by using application inspection. 

George


----------



## sniper007 (Mar 8, 2010)

gkontos said:
			
		

> Lets not exaggerate here. The purpose of a firewall is to provide statefull inspection on allowed services. A more sophisticated firewall could enforce RFC standards on some of them by using application inspection.
> 
> George



agree


----------



## BuSerD (Mar 10, 2010)

*Back to your corners ladies.*

The way I interpret this thread, Oko just happens to be approaching the topic from a "Trust No One" (tno) frame of mind. While that does have it's benefits it also causes others (like aragon: no offense just an example) to pick a side. In the end we all want to help and even our criticisms of each other have value.



> If there isn't any firewall installed isn't the risk of a hack higher?



The "risk" of being attacked is exactly the same whether one has a firewall or not.  It is the probability of success that decreases with the use of a firewall. Even that is deterministic based on the method of attack, implementation of the firewall and the skill of the "admin" managing it.


----------



## Abstract (Mar 15, 2010)

Hi Everyone,

Thanks for all the input. I asked my hosting company, I don't have a firewall installed. 
They put a external firewall in front of the machine. Its easier for them then managing
all the seperate little firewalls.

Best Wishes,
Richard


----------



## z662 (Apr 1, 2010)

That is generally what hosting companies do, and like DD said they are very likely NOT going to install any additional software or services that are not default unless you personally request them.  Additionally you should try and find out what their firewall infront of your server has in its ruleset.  Just because they block off incoming traffic that hasnt been initiated from your services or machine doesnt mean that you can trust all of the internal traffic that is being hosted on the other servers.  I.E the other servers they are hosting may likely be compromised and have free reign of traffic to your box.


----------

