Page 1 of 5 123 ... LastLast
Results 1 to 10 of 43

Thread: do I need a firewall?

  1. #1
    Join Date
    Mar 2006
    Location
    Earth
    Beans
    515
    Distro
    Ubuntu 12.04 Precise Pangolin

    do I need a firewall?

    Hi Ubuntu Community:

    I hope this is the place to ask stupid questions!

    Since it seems that everybody is hacking everybody else these days, I wondered whether I need a firewall.

    The purpose of this email is to find out whether I do, and to learn about what I should take into consideration when setting up Firestarter or gufw.



    I'm just an old geezer, so I'm asking the community of smart young folks who know the answers. However, I definately want the "old Ubuntu" guns to weigh in, if they want!



    Currently, I've got only 2 machines on my home network, both connected to my home's router.

    The first is an "Ubuntu Machine" that does many tasks, including sending receiving email thru T-bird, and also as a MythTV frontend and backend. This machine holds the "family jewels," like
    • documentation of scraps of communication with the ubuntu forums that I couldn't live without, and
    • letters from Aunt Harriet. I'd just die if I lost those.




    All of those treasures are backed up every week to 2 other hard drives.

    The second machine is a 6 year old iBook (ugh!), that occasionally connects with the "ubuntu machine" to access recorded music, and other stuff.

    In 2 months, I will add a third machine to my network. It will be a Mythbuntu HTPC that will serve almost exclusively as a frontend to play TV programs stored on the first "ubuntu machine" described here. My guess is that there will be some sort of "port usage" on the Ubuntu machine when I do that. The third Mythbuntu HTPC will not have a hard drive, just a mobo with processor and memory, mythbuntu loaded on an adequately sized SSD, and a wired connection to our home's router.

    I think that there could be some "port usage" from the 2nd and third machine on my "ubuntu machine." For example, the Myth backend on my "Ubuntu machine" has 2 ports that are specified in its MythTV backend configuration.

    However, that's just a guess, because when people from my generation think about "ports," they think about
    • Barcelona,
    • Murmansk,
    • the famous port of Savanah, GA; and
    • a sweet desert wine that people from my generation drink right after dinner.




    So, my questions to the forum are:
    1. "Do I need a firewall to protect the family jewels?", and
    2. "How should I take into account the various ways my iBook and third computer (Mythbunt frontend) in setting up Firestarter or fugw?"


    Sorry about my ignorance. I'm just an old man with not very much hair left.



    Thank you!
    Old Jimma from the Old Country
    Last edited by Old Jimma; February 3rd, 2013 at 03:02 PM.

  2. #2
    Join Date
    Feb 2010
    Location
    WI USA
    Beans
    10,434
    Distro
    Ubuntu Development Release

    Re: do I need a firewall?

    See the security sub forum and read the stickies. http://ubuntuforums.org/forumdisplay.php?f=338
    Infinite diversity in infinite combination.

    Ubuntu Documentation Search: Popular Pages
    Ubuntu: Security Basics
    Ubuntu: Manual

  3. #3

    Re: do I need a firewall?

    I hope this is the place to ask stupid questions!

    The only stupid question is the one that is not asked; therefore, since you asked, your question is not stupid. Questioning is learning, and learning is always smart.
    Learning is not attained by chance, it must be sought for with ardor and attended to with diligence. Abigail Adams ( 1744 - 1818 ), 1780;

    My blog Poetry and More Free Ubuntu Magazine

  4. #4
    Join Date
    Dec 2005
    Location
    Western Australia
    Beans
    11,479
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    Your router already contains a NAT firewall that will protect the whole network from incoming connections, without making your home network more difficult to manage.

    You don't need an additional firewall. It would just make things more difficult without adding any security benefits.
    I try to treat the cause, not the symptom. I avoid the terminal in instructions, unless it's easier or necessary. My instructions will work within the Ubuntu system, instead of breaking or subverting it. Those are the three guarantees to the helpee.

  5. #5
    Join Date
    Nov 2011
    Location
    /dev/root
    Beans
    Hidden!

    Re: do I need a firewall?

    So, my questions to the forum are:
    1. "Do I need a firewall to protect the family jewels?", and
    2. "How should I take into account the various ways my iBook and third computer (Mythbunt frontend) in setting up Firestarter or fugw?"
    1. Not necessarily (in the computer), because your LAN is behind a router, and it probably has a firewall. Check that there is a firewall in the router, and that it is properly set to deny everything, that is not necessary for you. I guess you need to browse the internet, email and some chat or voip program, but nothing fancy like connecting to your computer from the outside. For more details and security, read this link

    https://wiki.ubuntu.com/BasicSecurity

    I would add that today you should be aware of 'new' threats via normal browsing, so I recommend that you use the add-on NoScript in Firefox. You should also be careful using java runtime (not only java-script).

    2. It depends. Without firewall in the ubuntu computer, no problems ...
    Last edited by sudodus; February 3rd, 2013 at 03:23 PM. Reason: typing error corrected (void --> voip)

  6. #6
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,271
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: do I need a firewall?

    Quote Originally Posted by Old Jimma View Post
    Currently, I've got only 2 machines on my home network, both connected to my home's router.

    --snip--

    So, my questions to the forum are:
    1. "Do I need a firewall to protect the family jewels?", and
    2. "How should I take into account the various ways my iBook and third computer (Mythbunt frontend) in setting up Firestarter or fugw?"


    Sorry about my ignorance. I'm just an old man with not very much hair left.
    Since you're running behind a router, you don't really need any firewall at all on the computer side since the router itself will reject any unsolicited connection attempts unless you take pains to let it do so.

    However a firewall to prevent anything from "calling home" is always nice to have; the one time (years ago on Win95) that I got an actual virus infection, the outgoing firewall was what alerted me to the situation. I'd recommend "gufw" for this; it's already installed but not enabled. A single command, one time, to enable it is all you need to do. Avoid FireStarter; it hasn't been maintained for years. None of these need to be started every time you power up; they remember the settings and restore them automagically...

    And I'll bet that you're at least 10 years younger than me...
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  7. #7
    Join Date
    Jan 2007
    Beans
    6,542
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: do I need a firewall?

    Quote Originally Posted by Old Jimma View Post
    a sweet desert wine that people from my generation drink right after dinner.
    Also quaffed heartily by gunners and armourers of all generations, generally in lieu of food. Which is why you often get pictures of artillery on the bottle.

    How should I take into account the various ways my iBook and third computer (Mythbunt frontend) in setting up Firestarter or fugw?"
    I agree with the advice above, you don't need a software firewall on your individual machines. However, if you were to use one Firestarter is no longer maintained and I wouldn't use it. If you've been reading advice that suggests Firestarter as a firewall it's probably years out of date and should be treated with suspicion.

  8. #8
    Join Date
    Feb 2008
    Location
    In my skin.
    Beans
    Hidden!
    Distro
    Xubuntu

  9. #9
    Join Date
    Mar 2006
    Location
    Earth
    Beans
    515
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    JKyleOKC:

    If you are not older than rocks, then you are not older than I am.

    Old, old Jimma, the Elder

  10. #10
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    Quote Originally Posted by Old Jimma View Post
    Hi Ubuntu Community:

    I hope this is the place to ask stupid questions!

    Since it seems that everybody is hacking everybody else these days, I wondered whether I need a firewall.

    The purpose of this email is to find out whether I do, and to learn about what I should take into consideration when setting up Firestarter or gufw.



    I'm just an old geezer, so I'm asking the community of smart young folks who know the answers. However, I definately want the "old Ubuntu" guns to weigh in, if they want!



    Currently, I've got only 2 machines on my home network, both connected to my home's router.

    The first is an "Ubuntu Machine" that does many tasks, including sending receiving email thru T-bird, and also as a MythTV frontend and backend. This machine holds the "family jewels," like
    • documentation of scraps of communication with the ubuntu forums that I couldn't live without, and
    • letters from Aunt Harriet. I'd just die if I lost those.




    All of those treasures are backed up every week to 2 other hard drives.

    The second machine is a 6 year old iBook (ugh!), that occasionally connects with the "ubuntu machine" to access recorded music, and other stuff.

    In 2 months, I will add a third machine to my network. It will be a Mythbuntu HTPC that will serve almost exclusively as a frontend to play TV programs stored on the first "ubuntu machine" described here. My guess is that there will be some sort of "port usage" on the Ubuntu machine when I do that. The third Mythbuntu HTPC will not have a hard drive, just a mobo with processor and memory, mythbuntu loaded on an adequately sized SSD, and a wired connection to our home's router.

    I think that there could be some "port usage" from the 2nd and third machine on my "ubuntu machine." For example, the Myth backend on my "Ubuntu machine" has 2 ports that are specified in its MythTV backend configuration.

    However, that's just a guess, because when people from my generation think about "ports," they think about
    • Barcelona,
    • Murmansk,
    • the famous port of Savanah, GA; and
    • a sweet desert wine that people from my generation drink right after dinner.




    So, my questions to the forum are:
    1. "Do I need a firewall to protect the family jewels?", and
    2. "How should I take into account the various ways my iBook and third computer (Mythbunt frontend) in setting up Firestarter or fugw?"


    Sorry about my ignorance. I'm just an old man with not very much hair left.



    Thank you!
    Old Jimma from the Old Country
    To protect your network from attacks, only firewall is not enough. You need an Intrusion Prevention System (IPS) which can block/prevent the attacks (based on rules/signatures) from the real time.

    In the old days, IPS is very expensive and the performance is not good. However, nowadays IPS can be setup by yourself free of charge, which is an Open Source software, namely Suricata.

    Suricata can be act as gateway (you need 3 network interfaces, 2 are bridged and one for management purpose) which is also known as network-based. It can be also installed to the servers, desktops and laptops which is known as host-based.

    I have two articles for setting up Suricata in host-based for servers and desktops.

    The performance of the Suricata is quiet good on an Intel Atom D510 ITX machine which is hosting a web server.

    Samiux

Page 1 of 5 123 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •