Everand Logo

Welcome to Everand!

  • Linux Format

    EXPLODING FIREWALLS

    Feb 11, 2020 8 minutes

    The phrase “Linux doesn’t need a firewall” is commonly voiced. And it’s true, in the sense that your desktop distribution will work just fine without one. The same is true for Windows, up to a point, yet it still ships with one enabled by default. And any hardened user of the Redmond-ian OS would frown at you if you turned it off without good reason. Why? Because it takes away a layer of security that probably wasn’t doing any harm in the first place.

    The main difference, and the reason Linux users get away with no firewall, is that a standard desktop install isn’t running many services. So even if someone you didn’t trust could contact your machine, there are no listening ports to connect to. On Windows, a standard install will have at least file and printer-sharing (SMB, NetBIOS) services listening, and probably much more. There’s nothing inherently wrong with this – those services are firewalled after all – but even if they weren’t, many of them (by default) are only listening on the LAN, or even the local loopback address. However, if something went wrong and for some reason the file-sharing service started listening on the 0.0.0.0 (all interfaces) address, without a firewall we’d be living dangerously. Not only could attackers see our shares, but they could leverage an exploit against the service.

    Here we’ll discuss the ins and, and the simpler . We’ll dispel myths about the protections offered by home routers, and we’ll show you how to set up a simple firewall that doesn’t get in your way, doesn’t require any command-line jargon and will make your Linux install just that little bit safer.

    You’re reading a preview, subscribe to read more.

    More from Linux Format

    Linux Format5 min read
    Tips For Managing Docker Containers
    Everyone knows how containers revolutionised application building and deployment. Using a E disposable stack of containers that make up an app that aren’t using the docker-compose command to manage the stack are missing a trick. It allows the shippin
    Linux Format1 min read
    Installation Complications
    The Linux Mint system package for Timewarrior was out of date, so we installed the latest version from Snap. The Hamster package in the distribution repository was the latest stable release (which is quite old), but we could also have installed via F
    Linux Format3 min read
    Drauger OS 7.6
    We love the idea of a gaming-specific version of Linux, but Drauger fails to deliver. Given the setup/kernel issues, you’re far better off installing Ubuntu, then adding gamingspecific packages yourself. CPU: 1.8GHz (2GHz suggested) Mem: 1GB (6GB sug

    Related Books & Audiobooks