Re: What does ufw do?
Originally Posted by mcduck
If you haven't installed any server application that would listen for incoming network connections, then enabling UFW won't do anything for you. There is no use for a firewall if there's no connections for it to block...
...and even if you had installed some server, you'd only need a firewall if you wanted to limit its connectivity beyond what the server's own configuration options allow you to do.
Anyway, UFW just configures rules for the built-in firewall of Linux kernel, and makes sure the rules are loaded on every boot.
I have reread that a few times and am not sure if you are saying what I think you are or not... LOL
Anyways, to clarify for the OP, a firewall is about more than blocking incoming connections or controlling services that may be associated with a port.
Firewalls also control outgoing connections. Regardless of whether you have services listening on a given port, you want to control outbound traffic to prevent reverse connections or exploited applications that may configure their own arbitrary port.
The whole thing about not needing a firewall if you have no services listening or because Ubuntu/Linux has no default ports open by default is not a good philosophy in terms of general security best practice.
Cheers
Backtrack - Giving machine guns to monkeys since 2006
Kali-Linux - Adding a grenade launcher to the machine guns since 2013
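Added example, not part of either post: a small check for the outbound side discussed above. It reads the text of `ufw status verbose` and reports whether outgoing traffic is allowed by default and which ALLOW OUT rules exist. The function name `audit_egress` is hypothetical, and the two status dumps are constructed samples in the layout ufw prints.

```python
import re

# Constructed samples of `ufw status verbose` output (not taken from the thread).
SAMPLE_DEFAULT = """\
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
"""

SAMPLE_EGRESS = """\
Status: active
Logging: on (low)
Default: deny (incoming), deny (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
53                         ALLOW OUT   Anywhere
80,443/tcp                 ALLOW OUT   Anywhere
"""

def audit_egress(status_text):
    """Return (findings, allowed_out) for one `ufw status verbose` dump."""
    findings, allowed_out = [], []
    if not re.search(r"^Status:\s*active\s*$", status_text, re.M):
        return ["ufw is not active: no rules are being enforced"], allowed_out
    m = re.search(r"^Default:.*?(\w+) \(outgoing\)", status_text, re.M)
    policy = m.group(1) if m else "unknown"
    for line in status_text.splitlines():
        # Rule rows are columns separated by runs of 2+ spaces: To, Action, From.
        cols = re.split(r"\s{2,}", line.strip())
        if len(cols) >= 3 and cols[1] == "ALLOW OUT":
            allowed_out.append(cols[0])
    if policy != "deny" and policy != "reject":
        findings.append(f"default outgoing policy is '{policy}': any local "
                        "process can open outbound connections on any port")
    elif not allowed_out:
        findings.append("outgoing is denied with no ALLOW OUT rules: "
                        "DNS and updates will fail")
    return findings, allowed_out

if __name__ == "__main__":
    for name, text in (("default", SAMPLE_DEFAULT), ("egress", SAMPLE_EGRESS)):
        print(name, audit_egress(text))
```

On a live system the input would be the captured output of `sudo ufw status verbose`.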