Firewall
John DeCarlo
johndecarlo at gmail.com
Sat Jan 1 16:58:13 UTC 2005
On Fri, 31 Dec 2004 17:30:59 +0200, Simon Taplin <simon.taplin at gmail.com> wrote:
> Is it really necessary to run a firewall like firestarter on my ubuntu
> machine since all ports are closed by default or is it better to run it
> just in case?
Simon,
1) Basically, AFAIK, firestarter is a nice GUI but still uses
iptables, etc. that are already running on your Ubuntu machine. So it
helps you manage the firewall, but isn't the firewall.
2) You really do need to have a firewall running, for several reasons:
a) You want to be dropping incoming packets, to be in "stealth"
mode, or you will keep getting scanned over and over.
b) You want to block new software you install from opening ports
you don't know about. And open them by hand as needed. Say you want
vncserver running so you can connect to it remotely - you should
understand what ports you need to open.
3) Trying to maintain your firewall by hand, editing various files,
is tedious and easy to get wrong. At some point, if you install new
software, you will be happier installing a GUI tool to help.
--
John DeCarlo, My Views Are My Own
More information about the ubuntu-users
mailing list