Iptables can control all traffic to and from the internet, and all traffic to and from other computers on a network. It can be used to keep the computer secure.
To use Iptables, you must install it.
To start the basic firewall each time Tinycore is started, add
Before connecting to the internet, turn the computer off and restart, so the firewall is running.
If you have persistent opt, settings will be saved. If you don't have persistent opt, you must back up when shutting down Tinycore.
This firewall is ideal for most home users.
To display the iptables setup, open the terminal and type
sudo iptables -vL
To display numeric values, type
sudo iptables -vnL
Following is a simplistic explanation (not a comprehensive explanation) of how the firewall works, for those not familiar with Iptables.
If you open the terminal and type one of the commands above, you will see the Iptables rules.
You will notice three headings:
Chain INPUT policy DROP
Chain FORWARD policy DROP
Chain OUTPUT policy ALLOW
These policies determine what happens to anything not covered by other Iptables rules.
OUTPUT refers to anything sent from your computer. Notice the policy is ALLOW. The OUTPUT chain does not have any other rules. So everything you send will be allowed.
FORWARD refers to anything passed to other computers in a network. The policy is DROP. Nothing will be passed to other computers. This firewall is for a single computer. A firewall for a network would have different rules.
INPUT refers to anything coming into your computer.
The INPUT chain has rules.
In the first rule, you will notice it says “lo.” This rule is for loopback. Loopback is when something starts in your computer and finishes in your computer, but passes through the firewall on the way. Loopback is accepted. It is not a security threat, as it comes from your computer.
In the second rule, you will see anything “RELATED,ESTABLISHED” is accepted. RELATED refers to anything related to what you are doing. For example, if you are viewing a web page, anything from that web page will be accepted. ESTABLISHED refers to more of something which has already been accepted. More from the same web page will be allowed because it is established.
Notice the third rule says “dpt:auth” or “dpt:113” (destination port: authentication/113). Port 113 is used for authentication. Notice the target for this rule is REJECT.
What is the difference between DROP and REJECT? In both cases, anything sent is prevented from entering your computer. When DROP is used, nothing is returned to the sender. When REJECT is used, a message is returned to the sender, saying in effect that what was sent was received but is not being allowed into the computer.
Not allowing it into your computer maintains security, as port 113 could be used by hackers, or to transmit malware.
Some programs use port 113 for authentication. If a request to that port was just dropped, they may wait some time for a response, so connecting may take longer. When your computer sends a message back, there is no need to wait, so the connection is quicker.
There are only three rules. What happens to anything else sent to your computer? This is where Chain INPUT policy DROP comes in. Anything not covered by any of the rules will be dropped.
Some people refer to this firewall as putting the computer in stealth mode. Anything sent to your computer which you did not request will be dropped. If malware was sent to your IP address, it would be prevented from entering your computer. If someone tried to hack into your computer, anything they sent would be prevented from entering your computer, and the computer would not send a response back, so they would not know you are there (except for things sent to port 113).
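One way to confirm the firewall described above is really loaded before connecting, as an added example (it is not part of the Tinycore firewall script): the function reads the output of iptables -S and compares it with the three policies and three INPUT rules explained above. The names audit_ruleset, SAMPLE_LOADED and SAMPLE_UNLOADED and both sample rulesets are constructed for this example; note that iptables prints the allow policy as ACCEPT.

```shell
#!/bin/sh
# Audit `iptables -S` output (read from stdin) against the firewall described above.
# On a live system (assumption: run as root):  iptables -S | audit_ruleset
audit_ruleset() {
    rules=$(cat)
    fail=0
    # Chain policies decide what happens to anything no rule matches.
    for want in "INPUT DROP" "FORWARD DROP" "OUTPUT ACCEPT"; do
        if ! printf '%s\n' "$rules" | grep -qx -- "-P $want"; then
            echo "FAIL: missing policy: -P $want"
            fail=1
        fi
    done
    # The only INPUT rules allowed to accept traffic are loopback and
    # RELATED,ESTABLISHED; any other ACCEPT lets unrequested traffic in.
    ok_lo='^-A INPUT -i lo -j ACCEPT$'
    ok_est='^-A INPUT -m (state --state|conntrack --ctstate) RELATED,ESTABLISHED -j ACCEPT$'
    extra=$(printf '%s\n' "$rules" | grep -E -- '^-A INPUT .*-j ACCEPT' |
        grep -Ev -- "$ok_lo|$ok_est" || true)
    if [ -n "$extra" ]; then
        echo "FAIL: unexpected ACCEPT rule in INPUT: $extra"
        fail=1
    fi
    # Port 113 should be answered with REJECT rather than silently dropped.
    if ! printf '%s\n' "$rules" |
        grep -Eq -- '^-A INPUT -p tcp .*--dport 113 .*-j REJECT'; then
        echo "WARN: no REJECT rule for tcp port 113"
    fi
    return "$fail"
}

# Constructed sample: the ruleset this page describes, in `iptables -S` form.
SAMPLE_LOADED='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with icmp-port-unreachable'
# Constructed sample: a machine on which the firewall never started.
SAMPLE_UNLOADED='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

printf '%s\n' "$SAMPLE_LOADED" | audit_ruleset && echo "OK: ruleset matches the description"
```

A non-zero return value means a policy is not the expected one or an extra ACCEPT rule exists in INPUT; a missing port 113 rule is only a warning, because the DROP policy still covers that port.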
If you use this firewall in Tinycore it is extremely unlikely that you will have any security problems.
However, hackers, and people writing malware, often look at existing security measures and try to find ways to get around them.
There is no such thing as a computer connected to the internet which can be guaranteed to be totally secure.
To be safe, don't have anything on your computer which hackers could use. For example, don't have bank account details on your computer. If it is not there, there is no risk that someone could get it. Then you can be totally confident about security.