Linux Lite Forums
Software - Support => Other => Topic started by: Jackson2014 on February 15, 2014, 09:37:47 PM
-
Hi, .. Being a complete newbie to Linux, from what I have been learning about the need or lack of it where security software is concerned, I have a question regarding the firewall. Is the firewall installed active in Linux Lite or does it have to be turned on as it does in Ubuntu? I have not been able to find the firewall in Lite.
Can anyone inform me about this? I have not been able to find an answer to this anywhere on line.
Help would be appreciated.
-
LinuxLite is built on top of Ubuntu. As such it has built-in network rules (iptables) and firewall command line control (ufw).
By default it does not have the firewall enabled with specific rules.
If you are interested in managing the rules, I suggest you install "gufw", which is a graphical interface for ufw (requires to be run under root with sudo).
You can find more info on ufw here (https://wiki.ubuntu.com/UncomplicatedFirewall) and about gufw here (http://gufw.org/).
-
Thank you riser. It also pays to keep in mind that most routers these days ship with in built linux firewalls. You don't need a software firewall on your pc unless you want to create specific rules for traffic.
-
Thank you for the info and links riser. I do appreciate it.
-
Thank you for that info Valtam. I will have to find out how to check that on my Uverse router.
-
Just to clarify: I do not have the software firewall active on my PC. I provided the information in case you need to for whatever reason (a machine in a DMZ, etc.).
A hardware based firewall (most routers nowadays as Valtam mentions) is a better and more effective solution.
-
I do not seem to have enough computer knowledge to configure rules on GUFW at this point, so I am wondering if the router firewall provides as much security if it is a home wireless router/modem that one is using. Would a wireless device accessing the internet at home be less secure than a wired connection device, if that wireless device does not have it's own firewall running?
EDIT: No need to respond. I have answered my question about the wireless router, which is that it does provide firewall protection for wireless connected devices.
-
If you'd like, you can enable the firewall without adding any special rules. It's default settings will be to deny incoming connections and allow outgoing connections. If an incoming request is simply a reply to one of your program's outgoing queries, it will be accepted (eg. Firefox requesting a page to view); but if it is just some random attempted connection it will be denied.
To enable UFW, enter the following in a terminal window:
sudo ufw enable
That will turn it on and enable it on each startup.
To check status:
sudo ufw status
Or, for more details:
sudo ufw status verbose
To turn it back off:
sudo ufw disable
More info on basic usage:
man ufw
Other info:
https://help.ubuntu.com/community/UFW (https://help.ubuntu.com/community/UFW)
https://help.ubuntu.com/12.04/serverguide/firewall.html (https://help.ubuntu.com/12.04/serverguide/firewall.html)
http://pka.engr.ccny.cuny.edu/~jmao/node/28 (http://pka.engr.ccny.cuny.edu/~jmao/node/28)
-
Thanks gold_finger, very helpful :)
-
If you'd like, you can enable the firewall without adding any special rules. It's default settings will be to deny incoming connections and allow outgoing connections. If an incoming request is simply a reply to one of your program's outgoing queries, it will be accepted (eg. Firefox requesting a page to view); but if it is just some random attempted connection it will be denied. ...
I have turned on the firewall as per these instructions. Are there any "special rules" that I might need? Is there any need for a graphical interface like Firestarter for a Linux newby like me? :-\
-
Rules are required for any software (games, skype, etc.) that needs to communicate external machines (network/internet).
Each application will have ports that it uses to listen on. The port(s) may be TCP or UDP.
Using a firewall requires that you understand what you use and what it needs.
-
Thanks. Since I do not think I have any need to communicate with any external machines, it is OK that do not understand what I use and what it needs.
-
Use the software of firewall. A software based firewall is better and more effective.
Linux Firewall (https://www.clearos.com/products/purchase/clearos-marketplace-apps/network/Firewall)