Why switch the firewall off? I haven't used Fedora in some time, but I have some suggestions:

• Log out of your Gnome desktop, and don't drop to runlevel 3. That way your Gnome desktop isn't locked up.
• Add the ports that VNC uses to your list of allowed ports in the firewall. That way, you don't ever have to worry about it again. VNC display number 0 is port 5900, display 1 is 5901, etc.

One of the things you could try is running redhat-config-securitylevel in the GUI, and just disable your firewall. If you don't have any vital services running, then you don't have to really worry about the security implications of not having a firewall. I personally barely have a firewall, if you could say that. But, I get by because my gateway server has every port closed except for SSH and FTP, and I've set up access control lists on both services, only giving access to clients I've pre-approved to connect to me.

So, I don't have a firewall doing much, but that's because I made sure to cut out unneccesary services. For instance, do you need apache running on your box? What about portmapper? Don't have any NFS shares? You can cut those out. I usually port scan my box every now and then, just to see what ports are open, then I determine if I really need any of the services that are running.

Hi Alex,
thanks for the reply. like yourself i have all of my network hiden away behind smoothwall firewalls, which is why i was giong with just a shutdown.

the truth is when ever i use the gnome security-level tool it does not work, i have fonud that i am unable to change the firewalls on RH8 to Fedora core 2 useing this, and to be honest i havent worked out how to adjust the firewall through the command line.

yea i know, i should really raise my game in this area, but i just tend to rely on my perimiter defences.

if you have time to note down any tips for me, on changing the firewall settings useing the command line, that would rock!

cheers,

spikes

I'll see what I can do there. I'm running RHEL AS 3 at my house, which is based off of Red Hat 9. I'll try to see if I can make heads or tails of the command-line firewall configuration on it tonight...

Hello,

I am running a IPTABLES firewall written by hand with the aid of a RedHat Press book.

I run RedHat 7 & 9 machines, and always boot to just the console. I leave the graphical login client off. I use the vncserver :port -depth commands to spawn off VNC sessions while the main screen remains in a text environment. In those VNC windows, I run TWM to keep the fancy desktop off of the network... a bare-bones xterm is about it for me.

One of these days, I need to build a fedora box and see where that technology is going.

Christian