When to use a firewall (e.g. ufw)

Ian Bruntlett
Hi,

I was wondering, when should a firewall (e.g. ufw) be installed on a computer running Linux - Ubuntu Linux, to be more accurate.

Also, what level of networking experience is required for running an Ubuntu Linux system?

TIA,


Ian

--
-- ACCU - Professionalism in programming - http://www.accu.org
-- My writing - https://sites.google.com/site/ianbruntlett/


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Re: When to use a firewall (e.g. ufw)

Peter Flynn
On 20/11/2020 11:25, Ian Bruntlett wrote:
> Hi,
>
> I was wondering, when should a firewall (e.g. ufw) be installed on a
> computer running Linux - Ubuntu Linux, to be more accurate.

If the computer has access to the Internet, you should use a firewall.

But in a domestic situation, with a firewall inside the router/hub
supplied by your provider, that's probably enough unless you punch holes
in it for gaming, or you use dodgy software or websites requiring
unusual ways to access your system, or you open up the network to allow
external access to your computer direct from the outside.

In a business situation, this should be dealt with by your IT person.

> Also, what level of networking experience is required for running an
> Ubuntu Linux system?

None until your network goes wrong or you respond to a scam call or
phishing spam 😱

Network knowledge is always useful, regardless of the operating system,
because knowing how it all works will let you tune it for better
performance.

Peter

Re: When to use a firewall (e.g. ufw)

Ian Bruntlett
Hi Peter,

On Fri, 20 Nov 2020 at 11:56, Peter Flynn <[hidden email]> wrote:

> Network knowledge is always useful, regardless of the operating system,
> because knowing how it all works will let you tune it for better
> performance.

I was wondering, is there a particular website / book that provides that knowledge?

Thank you for your reply.

BW,


Ian

--
-- ACCU - Professionalism in programming - http://www.accu.org
-- My writing - https://sites.google.com/site/ianbruntlett/


Re: When to use a firewall (e.g. ufw)

Oliver Grawert
In reply to this post by Ian Bruntlett
hi,
On Friday, 20.11.2020 at 11:25 +0000, Ian Bruntlett wrote:
> Hi,
>
> I was wondering, when should a firewall (e.g. ufw) be installed on a
> computer running Linux - Ubuntu Linux, to be more accurate.
>
> Also, what level of networking experience is required for running an
> Ubuntu Linux system?

ubuntu has since day one a policy of "no open ports" so if you do not
install any server software (to explicitly open any ports), a firewall
mainly just adds complexity ... that said, you can indeed "harden" an
existing ubuntu install (i.e. make the machine not respond to external
pings, audit and log incoming and outgoing traffic on a network
interface, etc, etc) ...

by default ubuntu does not need any firewall though and you should only
use one if you know what you are doing ...

ciao
        oli

Re: When to use a firewall (e.g. ufw)

Ian Bruntlett
Hi Oli,

On Fri, 20 Nov 2020 at 12:26, Oliver Grawert <[hidden email]> wrote:
> ubuntu has since day one a policy of "no open ports" so if you do not
> install any server software (to explicitly open any ports), a firewall
> mainly just adds complexity ... that said, you can indeed "harden" an
> existing ubuntu install (i.e. make the machine not respond to external
> pings, audit and log incoming and outgoing traffic on a network
> interface, etc, etc) ...

Thank you, good to know :)

> by default ubuntu does not need any firewall though and you should only
> use one if you know what you are doing ...

I've dabbled with LAMP in the past. I guess I'd need a firewall installed for that.

At the moment, though, the only networking I'm doing is accessing the Internet as a normal user.

I know of differences between IPv4 and IPv6 (that IPv6 can handle more addresses), a little bit about TCP/IP, a little bit of sockets. I have a copy of "Networking for Systems Administrators" (Michael W. Lucas) which I will be reading soon...

BW,


Ian

--
-- ACCU - Professionalism in programming - http://www.accu.org
-- My writing - https://sites.google.com/site/ianbruntlett/


Re: When to use a firewall (e.g. ufw)

David Fletcher-5
In reply to this post by Peter Flynn
On Fri, 2020-11-20 at 11:55 +0000, Peter Flynn wrote:

> On 20/11/2020 11:25, Ian Bruntlett wrote:
> > Hi,
> >
> > I was wondering, when should a firewall (e.g. ufw) be installed on a
> > computer running Linux - Ubuntu Linux, to be more accurate.
>
> If the computer has access to the Internet, you should use a firewall.
>
> But in a domestic situation, with a firewall inside the router/hub
> supplied by your provider, that's probably enough unless you punch
> holes in it

By which I assume you mean port forwarding to use a mail or web server
from inside your domestic network, as I do, otherwise my understanding
is that the router won't do anything to pass packets inside unless you
initiated it by having e.g. a web browser requesting a page from
somewhere.

I've always found help on iptables to be confusing at best. What I've
personally settled on doing is starting an iptables backup file by
exporting from iptables, which only needs to be done once, to get the
format which can then be easily added to with a text editor. Or just
take my example from below. I don't try to do anything smart, just drop
packets from anywhere that nuisance email etc. has originated to
prevent future access from there to my server. My iptables file has
thousands of entries, here is a small sample for example:-

# Block all packets from American Samoa no reason to get any contact from there
-A INPUT -s 103.117.168.0/22 -p tcp -j DROP
-A INPUT -s 103.238.156.0/23 -p tcp -j DROP
-A INPUT -s 202.70.112.0/20 -p tcp -j DROP

After manually editing the file I update iptables with

sudo iptables-restore < ServerSetup/iptables4backup

The question that seems to be frequently asked is, how to make sure the
iptables configuration gets restored during a system restart? I put
into my crontab file,

@reboot root CrontabRestart

which kicks off the CronTabRestart script in /usr/local/bin/ and
contains

#!/bin/bash

sleep 60s
iptables-restore < /home/administrator/ServerSetup/iptables4backup

sleep 60s
sendEmail -q \
 -f [hidden email] \
 -t [hidden email] \
 -u "Server reboot notification" \
 -m "Restoring iptables, starting noip2"

/usr/local/bin/noip2



I'm really not sure if the noip2 entry is necessary but AFAICT it does
no harm.

OK, that's how I, as the non-expert, deal with firewalling. My ISP does
not yet provide IPv6 service, they've been dragging their feet for
years, hence I'm still only worried about IPv4.

Regards,

Dave
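
Editor's added example (not part of David Fletcher's message, and not his script): a hand-edited rules file with thousands of entries is easy to break with a stray line, such as a comment wrapped by a text editor, so this sketch lints an iptables-save style file before it is restored. The function name `lint_ruleset`, the sample file and its two faulty rules are constructed for illustration.

```python
import ipaddress
import re

RULE = re.compile(r"^-A\s+(\S+)\s+-s\s+(\S+)\s+(.*)$")           # -A CHAIN -s SRC rest
KNOWN = re.compile(r"^(#|\*\w+$|:\S+\s+\S+|COMMIT$|-[AIDN]\s)")  # other valid lines

# Constructed sample: the three rules from the message with its wrapped comment,
# plus one redundant range and one invalid prefix length added for illustration.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
# Block all packets from American Samoa no reason to get any contact
from there
-A INPUT -s 103.117.168.0/22 -p tcp -j DROP
-A INPUT -s 103.238.156.0/23 -p tcp -j DROP
-A INPUT -s 202.70.112.0/20 -p tcp -j DROP
-A INPUT -s 202.70.120.0/24 -p tcp -j DROP
-A INPUT -s 103.117.168.0/33 -p tcp -j DROP
COMMIT
"""

def lint_ruleset(text):
    """Return (line_number, message) findings for an iptables-save style file."""
    findings, seen = [], {}  # seen: (chain, rest of rule) -> [(network, line)]
    for n, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        m = RULE.match(line)
        if not m:
            if not KNOWN.match(line):
                findings.append((n, "not a comment, table, chain, rule or COMMIT"))
            continue
        chain, src, rest = m.groups()
        try:
            net = ipaddress.ip_network(src, strict=False)
        except ValueError:
            findings.append((n, f"bad source address {src!r}"))
            continue
        earlier = seen.setdefault((chain, rest), [])
        for other, where in earlier:
            if net.version == other.version and net.subnet_of(other):
                findings.append((n, f"{net} covered by {other} on line {where}"))
                break
        earlier.append((net, n))
    return findings

if __name__ == "__main__":
    for n, msg in lint_ruleset(SAMPLE):
        print(f"line {n}: {msg}")
```

As a second check, `iptables-restore --test` parses a file without committing it, so a syntax error is caught before the live ruleset is touched.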


Re: When to use a firewall (e.g. ufw)

Liam Proven
In reply to this post by Ian Bruntlett
On Fri, 20 Nov 2020 at 12:27, Ian Bruntlett <[hidden email]> wrote:
>
> Hi,
>
> I was wondering, when should a firewall (e.g. ufw) be installed on a computer running Linux - Ubuntu Linux, to be more accurate.

The Linux kernel includes a firewall. No additional firewall is needed.

As for whether you need to turn it on -- it depends on what you are
doing with it.

If you are using it as a desktop OS and not running any servers on it,
then no, you do not need to enable the firewall. Ubuntu defaults to
not having any open ports or any services listening to the internet,
so a firewall is pointless.

If you are using it as a server, then yes, you should, but that's a
much bigger discussion.

> Also, what level of networking experience is required for running an Ubuntu Linux system?

It depends what you're doing. For a desktop or laptop as a personal
computer, next to none. If you're building a home network, a little.
If you're configuring and running servers, a fair bit. If those
servers are on the public-facing internet, a lot.

--
Liam Proven – Profile: https://about.me/liamproven
Email: [hidden email] – gMail/gTalk/gHangouts: [hidden email]
Twitter/Facebook/LinkedIn/Flickr: lproven – Skype: liamproven
UK: +44 7939-087884 – ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053
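
Editor's added example (not part of any poster's message): Oliver Grawert's and Liam Proven's replies both rest on whether anything on the machine is listening for connections from other hosts, which can be checked directly. This sketch parses `ss -H -tuln` output and reports sockets bound to a non-loopback address; the function name `exposed_listeners` and the sample output are constructed for illustration.

```python
import ipaddress
import subprocess

# Constructed `ss -H -tuln` output for a desktop after installing a LAMP stack
# and an SSH server (addresses and queue sizes are illustrative).
SAMPLE = """\
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      5          127.0.0.1:631        0.0.0.0:*
tcp   LISTEN 0      128            [::1]:631           [::]:*
tcp   LISTEN 0      80         127.0.0.1:3306       0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511                *:80               *:*
"""

def exposed_listeners(ss_output):
    """Return (proto, address, port) for sockets bound to a non-loopback address."""
    exposed = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header line or another socket family
        addr, _, port = fields[4].rpartition(":")
        addr = addr.split("%")[0].strip("[]")  # drop %interface and IPv6 brackets
        if addr != "*" and ipaddress.ip_address(addr).is_loopback:
            continue  # reachable only from this machine
        exposed.append((fields[0], addr, int(port)))
    return exposed

if __name__ == "__main__":
    try:  # live data when ss is available, otherwise the constructed sample
        out = subprocess.run(["ss", "-H", "-tuln"], capture_output=True,
                             text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        out = SAMPLE
    for proto, addr, port in exposed_listeners(out):
        print(f"{proto} {addr}:{port} is bound to a non-loopback address")
```

An empty result matches the "no open ports" case described in the thread; each entry that does appear is a service for which a firewall rule is worth considering.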
