  1. #1
    Linux Enthusiast gerard4143's Avatar
    Join Date
    Dec 2007
    Location
    Canada, Prince Edward Island
    Posts
    714

    Software Firewall or No Software Firewall?


    I've been surfing around trying to find a definite answer to this question and it seems, like everything else, it depends on your setup... Now I feel with the setup I have, a router with NAT and no available services running on my desktop computer, that a software firewall is redundant. I was starting to feel comfortable with this opinion until I stumbled upon a website that stated that a software firewall and a hardware firewall is required for absolute protection... So what's your opinion...

    My setup:
    ArchLinux 2.6.32-ARCH
    Desktop Computer(not mobile)
    Router with NAT
    and no available services running on my computer.
    Make mine Arch Linux

  2. #2
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    My opinion:
    I think the combination of a router with a well configured firewall and the fact that you are using Linux, with no unneeded services and probably good computer maintenance by you, makes a software firewall unnecessary. I know there are some folks who take computer safety far more seriously than I do and that's okay, but I think the majority of Linux computer users are savvy enough to understand their own needs and will plan accordingly.
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.

  3. #3
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    You can never go wrong with a firewall set up and running, as long as it is set up correctly.
    But with NAT'ing turned on it would be kind of hard for anyone to break into your system from the outside without you setting up some sort of forwarding on the NAT device.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  4. #4
    Linux Guru
    Join Date
    Nov 2007
    Posts
    1,754
    I was starting to feel comfortable with this opinion until I stumbled upon a website that stated that a software firewall and a hardware firewall is required for absolute protection
    There is definitely no such thing as "absolute" unless you just unplug the cable.

    As already mentioned, a router is typically a very good *incoming* firewall. Without any ports "forwarded" through it, it only lets traffic out of your home network - and the responses to those requests are allowed in as well. Any unsolicited traffic is dropped.

    The problem nowadays is that most of your exploits originate on your machine. If you actively view a nasty website or run a bad program, then the exploiting code sends out something to the Internet. In that case, your router is not going to stop the traffic. It originates on your machine, is allowed to go out, and the response is allowed back in.

    Software firewalls running on the desktop are usually only "more helpful" if they're configured to block *outgoing* traffic that should not be leaving the machine. Firewall rules for this level of protection can be very invasive and annoying. As always, security is a trade-off between convenience and protection.

    Adding another "software firewall" that blocks all incoming and allows all outgoing is adding no additional layer of security beyond the existing "router."

  5. #5
    Linux Enthusiast gerard4143's Avatar
    Join Date
    Dec 2007
    Location
    Canada, Prince Edward Island
    Posts
    714
    Everyone, thank you for your responses. My experience and knowledge in this field is...well, minimal.

    Here's what I know/don't know:

    A computer has ports.

    A port can provide services to the outside world if it has a corresponding program/daemon up and running.

    A port with no corresponding/running program/daemon? Is this a threat? Can an intruder access this port? I really don't know about this one.

    Now the firewall:

    A firewall can deny access to certain/all ports and to certain/all users.

    Like I said I have a minimal understanding of this field but I've downloaded ufw and firestarter and I'm reading...
    Make mine Arch Linux

  6. #6
    Just Joined!
    Join Date
    Jan 2010
    Posts
    6
    I'm not too well experienced with this sort of thing myself but I'll do my best. First, that's true: unless you pull the plug there's no such thing as absolute safety. However, I think a firewall helps a great deal. Yes, they can attack through open ports, but it depends on the port really. Some are always open and those are the dangerous ones. Obviously, depending on the OS you're running, the open ports are most likely going to be different. I just switched to Linux so I'm not sure much about the open ports on here, but I used Windows for a while and it was horrible. I kept my firewall up 24/7 lol. The really bad ports on that were 23 and 5000. Those were your telnet and UPNP ports. I blocked port 23 and disabled UPNP through msconfig. It's also true though that while you may be safe from the outside coming in, all you need is one wrong move: to click a script or something, and that script could open up a dangerous port for an attack. That being said, I think Linux is a lot safer than most machines due to its internal structure, but I would recommend a firewall, but I don't think I would go bananas without one lol. Hope this helped.

  7. #7
    Linux Enthusiast gerard4143's Avatar
    Join Date
    Dec 2007
    Location
    Canada, Prince Edward Island
    Posts
    714
    Well, my surfing continues but I did stumble onto this little gem -

    The below is quoted from 10 minutes to an iptables-based Linux firewall | Linux

    /sbin/iptables -A INPUT -p tcp --syn -j DROP

    "The previous statement will allow you to, as the user of the computer, perform all your normal Internet activities. You will be able to browse the Web, ssh out, or chat with a colleague on ICQ. On the other hand, the outside world, when trying to connect to your Linux box via TCP/IP, will simply be ignored. This is a reasonable solution for most Linux computers."

    I think this is the simple solution I was looking for
    Make mine Arch Linux
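
An added example, not part of the thread or of the quoted article: the rule quoted in post #7 matches only TCP packets that open a new connection, so a chain whose default policy is still ACCEPT leaves inbound UDP and ICMP unfiltered. The script audits `iptables-save` output for that gap; the function names and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump read from stdin.
# Prints one finding per line; no output means the INPUT checks passed.
audit_input() {
    awk '
        /^:INPUT /                                   { policy = $2 }
        /^-A INPUT / && /-i lo / && /-j ACCEPT/      { lo = 1 }
        /^-A INPUT / && /ESTABLISHED/ && /-j ACCEPT/ { est = 1 }
        END {
            if (policy != "DROP") {
                if (policy == "") policy = "(not found)"
                print "policy: INPUT default is " policy "; inbound UDP and ICMP are accepted unless a rule drops them"
            } else {
                if (!est) print "state: default DROP without an ESTABLISHED accept rule blocks replies to outbound traffic"
                if (!lo)  print "loopback: default DROP without an accept rule for -i lo breaks local services"
            }
        }'
}

# Constructed sample: the single rule from the thread, as iptables-save prints --syn.
thread_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
COMMIT
EOF
}

# Constructed sample: stateful default-deny for a desktop that offers no services.
stateful_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

echo "== single --syn rule ==";    thread_rules   | audit_input
echo "== stateful default-deny =="; stateful_rules | audit_input
```

On a live system the same check is `iptables-save | audit_input` as root, and the second sample is in the format `iptables-restore` loads.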

  8. #8
    Just Joined!
    Join Date
    Jan 2010
    Posts
    6
    I'm pretty sure that just means if anyone tries to remotely connect to you, unless it's pretty much direct connect bypassing the NAT, they're not going to get in. So yes, I believe you've found your answer.

  9. #9
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    Quote Originally Posted by gerard4143 View Post
    This is a reasonable solution for most Linux computers.
    Just an FYI:
    I think if you are running Samba for Windows networking, then you'll need a new set of rules.
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.
