Re: Firewall

Ewan Mac Mahon
On Wed, Nov 02, 2005 at 11:52:43PM +0000, Tristan Wibberley wrote:
> Does anybody have a recommendation on a firewall in ubuntu (main,

I keep seeing this question on the list, but it's still not making much
sense to me.  What exactly is it you think you need a firewall for?

Individual machine firewalls make sense on Windows because it runs a
load of servers by default and ingress firewalling is the simplest way
to cut them off from the net; also, Windows is susceptible to a lot of
malware (in the broadest sense) and egress firewalling is useful to cut
that off. Linux in general is not greatly plagued by malware and Ubuntu
in particular runs no servers by default - what is it that you're trying
to firewall?

Ewan

--
ubuntu-users mailing list
[hidden email]
http://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Re: Firewall

Lee Braiden-2
On Friday 04 November 2005 02:06, Ewan Mac Mahon wrote:
> Individual machine firewalls make sense on Windows because it runs a
> load of servers by default and ingress firewalling is the simplest way
> to cut them off from the net; also, Windows is susceptible to a lot of
> malware (in the broadest sense) and egress firewalling is useful to cut
> that off. Linux in general is not greatly plagued by malware and Ubuntu
> in particular runs no servers by default - what is it that you're trying
> to firewall?

Firewalls are always a good idea.  Even if your router has a good firewall,
individual machines are best to have firewalls too.  Think of it as a way of
setting high-level policy, of what's allowed to come in and out of the
machine: if something screws up or gets misconfigured, or if someone (even a
trusted employee) installs a rootkit, then you still have another layer of
protection.  Also, firewalls are not foolproof.  Even if you have a
firewalled router, it can be penetrated, in which case your secondary
firewalls become pretty important.  Since they're likely to be differently
configured or even running a different OS/firewall system from your router,
you could gain something like twice the protection from a second firewall, if
you're careful about other related things like LAN traffic.  Also, in these
days of wireless LANs etc., it's not wise to trust your LAN completely even
if it is firewalled at the internet gateway.

It's not perfect by any means, but individual machines can be easily
firewalled en masse, according to some policy, so it's well worth doing, I
think.

As it turns out, Windows is the only major OS I know of that can't fully
handle that, because its controls aren't fine-grained enough, and in some
situations you can't run a firewall on a laptop that connects to an Active
Directory domain.

--
Lee Braiden
http://www.DigitalUnleashed.com
