Find the answer to your Linux question:
Results 1 to 5 of 5
I was wondering about the security of the default iptables configuration in ubuntu. I know that it does not filter ICMP packets by default. Is that a big deal? grc.com's ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2009
    Posts
    3

    question about default iptables config in ubuntu


    I was wondering about the security of the default iptables configuration in ubuntu. I know that it does not filter ICMP packets by default. Is that a big deal? grc.com's ShieldsUp doesn't seem to like it if pings are replied to, and gives a "failed" rating to any machine that replies to them.

    So, in your opinion, how secure is ubuntu's default iptables configuration?

    Also, if a system is directly connected to a dsl or cable modem, and is running ubuntu with the default iptable configuration, what are the odds that the computer would be compromised or infected, after about five hours?

    Thanks

  2. #2
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    that would depend if you have any services like ssh, ftp, telnet running, etc

    ubuntu by default has no firewall enabled, most users aren't directly connected to the internet, they are connected behind a firewall so there is no need for the desktop machine to have firewall rules, but in your case, you should look into setting one up

  3. #3
    Just Joined!
    Join Date
    Feb 2009
    Posts
    3
    Thanks coop.

    that would depend if you have any services like ssh, ftp, telnet running, etc
    To my knowledge, I don't have those running. But "to my knowledge" is the key part of that sentence. . Are any of those services enabled by default? Because much of my settings are default.

    ubuntu by default has no firewall enabled, most users aren't directly connected to the internet, they are connected behind a firewall so there is no need for the desktop machine to have firewall rules, but in your case, you should look into setting one up
    I didn't mean for that hypothetical to exactly describe my own situation. I was kind of using a "worst case scenario" type thing. Right now I am behind a hardware firewall(router) and I'm using firestarter. Earlier I had some configuration issues with my router, so I was just trying to solicit responses that would allow me to determine if I had anything to worry about assuming that my router was no protection at all while it was misconfigured during that period of time(which was actually less than 5 hours).

    By the way, I thought the default setup of iptables in ubuntu had at least some type of rules. However, I know that ICMP filtering is disabled by default.(and I enabled it once I got firestarter installed).

    Basically I'm just trying to figure out if I need to wipe my harddrive yet again, and start over with a clean install. At this point, that looks like the quickest and surest way to set my mind at ease. And that's usually the route I go since I'm a worrier.

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    I use ubuntu at home and at work, neither came with any iptables rules set up by default, no ftp server is running by default, i'm not sure about telnet, i don't think SSH is enabled by default, but I could be wrong, just make sure ports 21, 22, 23 blocked by your firewall on your router

  6. #5
    Just Joined!
    Join Date
    Feb 2009
    Posts
    3
    Quote Originally Posted by coopstah13 View Post
    I use ubuntu at home and at work, neither came with any iptables rules set up by default,
    Oh. Maybe I was misinformed then, or just misinterpreted something I read.

    no ftp server is running by default, i'm not sure about telnet, i don't think SSH is enabled by default, but I could be wrong, just make sure ports 21, 22, 23 blocked by your firewall on your router
    21,22, and 23 are showing as "stealthed" by shieldsup. The only thing shieldsup didn't like before was the fact my router was replying to pings. But that's fixed now(I think).

    Thanks again coop

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •