Is there a list of recommended ports that should be opened and closed?
Is there a list of recommended ports that should be opened and closed?
Simple.
Close them all, except the ones you specifically run network services on that you want available to other systems.
For example, if you run a web server that only listens on port 443/tcp (HTTPS), then that is the only port you would open.
If you run ssh-server, then for the local network, you'd want to allow 22/tcp. If you allow it from the internet, then I'd strongly suggest running fail2ban which will automatically create a firewall block after 3 failed attempted logins. BTW, internet attempts shouldn't allow passwords for ssh authentication, only ssh-keys.
Easy enough?
I am not running a server or any type of service.
I just want to be able to surf the web, use email and play some games.
Could you tell me what ports to use for the above mentioned usage?
I am new to Linux. I have installed Kubuntu Plasma. It's awesome.
Thanks in advance.
If you aren't running any services/network daemons, then there is little need for a firewall if you are behind a normal, maintained, patched, router. If you take a computing device beyond that router or aren't 100% positive that the router is correctly maintained, and patched, monthly, then block all inbound ports with a firewall on the computer.
An unmaintained router is a security risk beyond all others. Mainly because it provides a false sense of security that doesn't actually exist.
My router is from Verizon FiOS. As far as I know they update is every now-and-again.
I wouldn't trust it. I've worked at a similar-sized ISP specifically with patching CPE routers. Don't trust those devices. Their goal is to minimize customer complaints and gather marketing data, not provide the best possible security. Every time a new firmware is pushed out, some number of devices have a fault of some sort.
I have a mandated ISP router (no choice of mine). I have my own router just inside it to provide real protection. Their router runs in bridge mode and acts as a guest wifi for visitors. Mine runs a router distro that I know is correctly maintained and easily patched.
Last edited by TheFu; September 19th, 2019 at 04:58 PM.
Cheers & Beers, uRock
[SIGPIC][/SIGPIC]
Solved
Solved
Bookmarks