Firewall

Tony Arnold tony.arnold at manchester.ac.uk
Thu Apr 14 13:20:18 UTC 2005



On Thu, 2005-04-14 at 13:35 +0100, Baza wrote:

> On 14/4/05 1:14 pm, "lluishc" <lluishc at gmail.com> wrote:
> 
> > Maybe it's a silly question, but is it really safe not to use a
> > firewall? I'm very new to Linux, you can imagine what OS I come from....
> > 

Not a silly question at all!

One of the things I like about the Ubuntu distro is that out of the box
there are no services listening for incoming traffic. Thus, if there is
nothing listening, then nothing can get in and the box is relatively
safe.

But to be useful, you will inevitably start up various services, e.g.,
an ssh daemon, printing daemon etc. You will need holes in any firewall
to allow this traffic through, but a firewall may be able to easily
restrict where such incoming connections originate from. For example, my
box allows incoming SMTP traffic. I could firewall this and only allow
such connections from the University mail routers as no-one else should
be sending mail to me directly.

I may also be right in saying that a firewall will quietly drop any
incoming packets it is blocking whereas a system that just has no
services listening may actually respond to the initial connection packet
with a reset packet. There is a potential risk of a DoS from somewhere
and hackers can also use this to fingerprint your system and conclude
what OS you are running and direct attacks accordingly. So a firewall is
safer.

Regards,
Tony.
-- 
Tony Arnold, IT Security Coordinator, University of Manchester,
Manchester Computing, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold
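
An added example, not part of the message above or of any Ubuntu tooling: a small Python check, meant for a host you administer, that distinguishes a port answering with a reset from one whose packets are dropped, and compares the result with an intended policy. The function names, the policy dictionary and the loopback demo are assumptions of this example.

```python
import socket

def classify_port(host, port, timeout=2.0):
    """Classify a TCP port on a host you administer by how it answers a connect."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"            # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"          # a reset came back: host is up, nothing listening
    except socket.timeout:
        return "filtered"        # no answer at all: the packet was silently dropped
    except OSError:
        return "unreachable"     # e.g. no route, or an ICMP unreachable error
    finally:
        sock.close()

def audit(host, expected, timeout=2.0):
    """Compare observed port states with the intended policy.

    expected maps port -> 'open' | 'closed' | 'filtered'.
    Returns a list of (port, expected_state, observed_state) mismatches.
    """
    mismatches = []
    for port, want in sorted(expected.items()):
        got = classify_port(host, port, timeout)
        if got != want:
            mismatches.append((port, want, got))
    return mismatches

def loopback_demo():
    """Constructed demo on 127.0.0.1: one listening port, one port with no listener."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                # port is now free, so a connect gets a reset
    try:
        # Policy that wrongly expects the unused port to be firewalled ("filtered").
        return audit("127.0.0.1", {open_port: "open", closed_port: "filtered"})
    finally:
        listener.close()

if __name__ == "__main__":
    print(loopback_demo())
```

Run from a second machine against your own host, before and after enabling a firewall that drops blocked packets, ports with no listener should change from "closed" to "filtered".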





