question about default iptables config in ubuntu

[LennythePingwin]

I was wondering about the security of the default iptables configuration in ubuntu. I know that it does not filter ICMP packets by default. Is that a big deal? grc.com's ShieldsUp doesn't seem to like it if pings are replied to, and gives a "failed" rating to any machine that replies to them.

So, in your opinion, how secure is ubuntu's default iptables configuration?

Also, if a system is directly connected to a dsl or cable modem, and is running ubuntu with the default iptable configuration, what are the odds that the computer would be compromised or infected, after about five hours?

Thanks

[coopstah13]

that would depend if you have any services like ssh, ftp, telnet running, etc

ubuntu by default has no firewall enabled, most users aren't directly connected to the internet, they are connected behind a firewall so there is no need for the desktop machine to have firewall rules, but in your case, you should look into setting one up

[LennythePingwin]

Thanks coop.

that would depend if you have any services like ssh, ftp, telnet running, etc

To my knowledge, I don't have those running. But "to my knowledge" is the key part of that sentence. . Are any of those services enabled by default? Because much of my settings are default.

ubuntu by default has no firewall enabled, most users aren't directly connected to the internet, they are connected behind a firewall so there is no need for the desktop machine to have firewall rules, but in your case, you should look into setting one up

I didn't mean for that hypothetical to exactly describe my own situation. I was kind of using a "worst case scenario" type thing. Right now I am behind a hardware firewall(router) and I'm using firestarter. Earlier I had some configuration issues with my router, so I was just trying to solicit responses that would allow me to determine if I had anything to worry about assuming that my router was no protection at all while it was misconfigured during that period of time(which was actually less than 5 hours).

By the way, I thought the default setup of iptables in ubuntu had at least some type of rules. However, I know that ICMP filtering is disabled by default.(and I enabled it once I got firestarter installed).

Basically I'm just trying to figure out if I need to wipe my harddrive yet again, and start over with a clean install. At this point, that looks like the quickest and surest way to set my mind at ease. And that's usually the route I go since I'm a worrier.

[coopstah13]

I use ubuntu at home and at work, neither came with any iptables rules set up by default, no ftp server is running by default, i'm not sure about telnet, i don't think SSH is enabled by default, but I could be wrong, just make sure ports 21, 22, 23 blocked by your firewall on your router

[LennythePingwin]

I use ubuntu at home and at work, neither came with any iptables rules set up by default,

Oh. Maybe I was misinformed then, or just misinterpreted something I read.

no ftp server is running by default, i'm not sure about telnet, i don't think SSH is enabled by default, but I could be wrong, just make sure ports 21, 22, 23 blocked by your firewall on your router

21,22, and 23 are showing as "stealthed" by shieldsup. The only thing shieldsup didn't like before was the fact my router was replying to pings. But that's fixed now(I think).

Thanks again coop