fire wall ap

David Curtis dcurtis at uniserve.com
Thu Jan 29 20:10:15 UTC 2009 

On Thu, 29 Jan 2009 12:53:13 -0500
Bill <pegasus at sc.rr.com> wrote:

> David Curtis wrote:
> > On Wed, 28 Jan 2009 17:28:43 -0500
> > "Bill" <pegasus at sc.rr.com> wrote:
> >
> >   
> >> I am new to Ubuntu, is it advisable to use (firestarter firewall). I am
> >> aware that Linux does provide much greater security than windows.
> >>
> >>  
> >>     
> > For a decent answer to this you would have to describe how you connect to the Internet and what services you wish to run, ie. SMB (windows style file sharing), NFS (unix style file sharing), remote login etc. Is this a standalone computer or do you have a small office/home network?
> >
> >   
> This is a home wireless network thru a Linksys Router
> 
> 
Okay. What I'm really asking is; What's the last stage between you and your ISP? Are you NATed (Natural Address Translation)? Are you directly facing the Internet?

A simple ifconfig in a terminal will tell you whether you have an internal/test space IP address (10.x.x.x,172.16.0.0-172.31.255.255,192.168.x.x) or if you're getting served a real world IP. 

Meaning, if your IP is an internal one your probably behind a device (modem/router) that's disguising you to the Internet, in that case don't worry about a firewalled interface unless you are severely paranoid. The device most likely wont port forward to privileged ports.

If you have a real world IP for eth0 or a ppp0 entry in ifconfig then if you run a service like file sharing you're showing that service to the world, in this case you do want some decent firewall rules to govern that interface. 

I have a hunch that you don't have to use pppoe to get an internet connection and you are NATed and fairly secure. If I were you, I'd worry more about people connecting to/sniffing your wireless network, use the strongest encryption your wireless router can do. 

In the end, as Brian McKee said, if your not running TCP/IP services then there's no need to firewall. I almost said, no need to worry, But there's always things to be mildly concerned with. :-)

Dave

More information about the ubuntu-users mailing list