Page 2 of 5 FirstFirst 1234 ... LastLast
Results 11 to 20 of 43

Thread: do I need a firewall?

  1. #11
    Join Date
    Mar 2006
    Location
    Duluthistan
    Beans
    509
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    Y'all:

    Thanks for your replies! I should have guessed that alot of other people had wondered about whether they needed a firewall.

    To check and improve the security of my system, here is what I did:

    1. I looked at my router (192.168.1.254), and verified that its firewall was ON.

    2. I added NoScript, Click&Clean, and Adblock Plus, and Better Privacy (same function as Click&clean) to my firefox addons (I had already had some of these installed!)

    3. I got educated about Firestarter (wow! stay away from that!)

    4. I read some of the web pages recommended. Some where easier for Old Jimma to read than others. Some were easier to read and dispelled some misconceptions that everybody should be disabused about.

    5. I read samiux's advise and will study it more thoroughly!

    6. I'm going to look at gufw more closely, and hope that my router firewall will protect me.

    7. I'm going to encrypt all of my precious letters from Aunt Harriet.

    Thanks for your replies!

    Very Old Jimma from the Oldest Country in the Galaxy

  2. #12
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,046
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    Quote Originally Posted by Old Jimma View Post
    JKyleOKC:

    If you are not older than rocks, then you are not older than I am.

    Old, old Jimma, the Elder
    Well, that depends on the rock, doesn't it? Out in Hawaii there's a mountain constantly making new ones...

    I'm a quarter of the way into my ninth decade and still going...
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  3. #13
    Join Date
    Feb 2008
    Location
    Planet earth, for now.
    Beans
    Hidden!
    Distro
    Xubuntu

    Re: do I need a firewall?

    Quote Originally Posted by Old Jimma View Post

    5. I read samiux's advise and will study it more thoroughly!
    Complete overkill for a bog standard netbook/laptop/desktop setup. What you've done already is more than enough and more than I've had installed for the last six years. Never had an issue ...

    Your main concern really is if you're swapping files/emails between your Ubuntu install and a Windows install. Water off a duck's back to Ubuntu but you can easily pass an infected file to a Win machine without being aware of it. This is where extra security may be relevant.
    Last edited by Bucky Ball; February 4th, 2013 at 02:23 AM.

  4. #14
    Join Date
    Jun 2008
    Beans
    10

    Re: do I need a firewall?

    OLD JIMA

    Do you need a firewall?
    Simple answer: It depends on your needs and use.

    If it is a laptop that you use on public [wifi] - certainly you do because the internal network is already compromised. I would strongly recommend looking into [ufw] manually and tailoring it to your needs.

    OH and one last thing: STAY ABSOLUTELY CLEAR FROM FIRESTARTER.

    Sadly i would agree with [samiux] that what you need is an [intrusion prevention] system however you do not need to go that complex [serious overkill]. [ufw] if properly configured can accomplish something close. YOU WILL JUST HAVE TO TUNE YOURS.... TAILOR IT TO FIT.
    Last edited by conquerorodueko; February 4th, 2013 at 09:18 PM.

  5. #15
    Join Date
    Dec 2005
    Location
    Western Australia
    Beans
    11,444
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    You do NOT need an intrusion detection system. An IDS is only useful if you are opening ports in your firewall, which you are not doing.

    It's like wearing a knife-proof jacket when standing behind a wall that nobody can get over.

    Also, I see from your other thread that you turned on UFW with your router firewall on, and now are having problems with your home network (as I said would happen in my post). Removing the GUFW package will not turn off the firewall. Reinstall GUFW and turn off the firewall. GUFW is merely a way of talking to the firewall built into the Linux kernel. Ripping off a man's clothes will not kill him.
    I try to treat the cause, not the symptom. I avoid the terminal in instructions, unless it's easier or necessary. My instructions will work within the Ubuntu system, instead of breaking or subverting it. Those are the three guarantees to the helpee.

  6. #16
    Join Date
    Nov 2005
    Location
    Lincolnshire, UK
    Beans
    1,461
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: do I need a firewall?

    Quote Originally Posted by conquerorodueko View Post
    ...If it is a laptop that you use on public [wifi] - certainly you do because the internal network is already compromised. I would strongly recommend looking into [ufw] manually and tailoring it to your needs...
    This is an interesting point!

    My PCs are behind a NAT router and so I have always understood that there was no need for a software firewall to be installed on the PCs.

    However, with a laptop that may be used on public wifi connections, presumably it is best to install a software firewall.

    Would anyone like to confirm this?

  7. #17
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    Quote Originally Posted by Zill View Post
    This is an interesting point!

    My PCs are behind a NAT router and so I have always understood that there was no need for a software firewall to be installed on the PCs.

    However, with a laptop that may be used on public wifi connections, presumably it is best to install a software firewall.

    Would anyone like to confirm this?
    In my opinion, firewall is for the old day guys. You need an IPS. I wonder if anyone know what is IPS. Someone says that it is over killed for desktops and laptops but anyone knows that Linux is very easy to compromised compare with Windows as the attackers are not required to overcome the AV.

    Samiux

  8. #18
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: do I need a firewall?

    Quote Originally Posted by samiux View Post
    In my opinion, firewall is for the old day guys. You need an IPS. I wonder if anyone know what is IPS. Someone says that it is over killed for desktops and laptops but anyone knows that Linux is very easy to compromised compare with Windows as the attackers are not required to overcome the AV.

    Samiux
    I hope you mean something other than anti-virus software when you say AV, as the first thing ransomeware does when infecting a Windows system, is disable the anti-virus software.

  9. #19
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    Quote Originally Posted by cariboo907 View Post
    I hope you mean something other than anti-virus software when you say AV, as the first thing ransomeware does when infecting a Windows system, is disable the anti-virus software.
    First of all, when an attacker is targeted to your systems/network, s/he will do a lot of information gathering tasks. Once s/he get enough information, s/he will perform the attack, sometime it takes several minutes only. However, s/he will spend a lot of time to do information gathering, e.g. a week, a month, a year or so.

    When the attacker is going to attack your systems/network (no matter what the OS is), s/he will try to bypass the security devices/softwares (including IDS/IPS, firewall and anti-virus (AV).

    Attacker will not disable the function of the security devices/softwares in order to keep the victims innocence. If the attacker disable the function of security devices/softwares, the vicitms will be alerted something is going wrong.

    During the post-exploitation, the attacker may plant a backdoor in the victims' systems/network. Or, the attacker will do what they want to do. It is just depends on the purpose of the attack. For example, they will alter the logs when necessary. Sometime, they are not required to do so as their IP address is a fake one or by any other reason.

    IPS may or may not prevent all the attacks but it is a good appliance/software to implement to your systems/network as it will prevent some of the known attacks. The modern IPS can also acts as WAF (Web Application Firewall) which is working on OSI Layer 7 (Application Layer). By the way, IPS is working very close to the stateful iptables. You can say that IPS is an advanced firewall. IPS will protect your systems/network in real time by inspecting and comparing the packets for the traffic. Basic firewall cannot do that, e.g. iptables only.

    By the way, anti-virus also may not prevent your systems/network from being infected.

    Ransomeware is not targeted to a specific victim, it is target to all victims by chance and the purpose of the malware is for ransome only.

    Samiux
    Last edited by samiux; February 6th, 2013 at 05:14 AM. Reason: fix typo

  10. #20
    Join Date
    Nov 2005
    Location
    Lincolnshire, UK
    Beans
    1,461
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: do I need a firewall?

    Quote Originally Posted by samiux View Post
    ...but anyone knows that Linux is very easy to compromised compare with Windows...
    Have you got any evidence for this statement?

Page 2 of 5 FirstFirst 1234 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •