Linux Lite Forums

Software - Support => Other => Topic started by: Jackson2014 on February 15, 2014, 09:37:47 PM

Title: Security
Post by: Jackson2014 on February 15, 2014, 09:37:47 PM

Hi, .. Being a complete newbie to Linux, from what I have been learning about the need or lack of it where security software is concerned, I have a question regarding the firewall. Is the firewall installed active in Linux Lite or does it have to be turned on as it does in Ubuntu? I have not been able to find the firewall in Lite.
Can anyone inform me about this? I have not been able to find an answer to this anywhere on line.
Help would be appreciated.

Title: Re: Security
Post by: riser on February 15, 2014, 09:44:38 PM

LinuxLite is built on top of Ubuntu.  As such it has built-in network rules (iptables) and firewall command line control (ufw).

By default it does not have the firewall enabled with specific rules.

If you are interested in managing the rules, I suggest you install "gufw", which is a graphical interface for ufw (requires to be run under root with sudo).

You can find more info on ufw here (https://wiki.ubuntu.com/UncomplicatedFirewall) and about gufw here (http://gufw.org/).

Title: Re: Security
Post by: Jerry on February 15, 2014, 11:13:35 PM

Thank you riser. It also pays to keep in mind that most routers these days ship with in built linux firewalls. You don't need a software firewall on your pc unless you want to create specific rules for traffic.

Title: Re: Security
Post by: Jackson2014 on February 15, 2014, 11:25:01 PM

Thank you for the info and links riser. I do appreciate it.

Title: Re: Security
Post by: Jackson2014 on February 15, 2014, 11:29:53 PM

Thank you for that info Valtam. I will have to find out how to check that on my Uverse router.

Title: Re: Security
Post by: riser on February 16, 2014, 11:04:52 AM

Just to clarify: I do not have the software firewall active on my PC.  I provided the information in case you need to for whatever reason (a machine in a DMZ, etc.).

A hardware based firewall (most routers nowadays as Valtam mentions) is a better and more effective solution.

Title: Re: Security
Post by: Jackson2014 on February 16, 2014, 02:39:46 PM

I do not seem to have enough computer knowledge to configure rules on GUFW at this point, so I am wondering if the router firewall provides as much security if it is a home wireless router/modem that one is using. Would a wireless device accessing the internet at home be less secure than a wired connection device, if that wireless device does not have it's own firewall running?

EDIT:   No need to respond. I have answered my question about the wireless router, which is that it does provide firewall protection for wireless connected devices.

Title: Re: Security
Post by: gold_finger on February 19, 2014, 12:06:12 AM

If you'd like, you can enable the firewall without adding any special rules.  It's default settings will be to deny incoming connections and allow outgoing connections.  If an incoming request is simply a reply to one of your program's outgoing queries, it will be accepted  (eg.  Firefox requesting a page to view); but if it is just some random attempted connection it will be denied.

To enable UFW, enter the following in a terminal window:

Code: [Select]

sudo ufw enable
That will turn it on and enable it on each startup.

To check status:

Code: [Select]

sudo ufw status
Or, for more details:

Code: [Select]

sudo ufw status verbose
To turn it back off:

Code: [Select]

sudo ufw disable
More info on basic usage:

Code: [Select]

man ufw
Other info:
https://help.ubuntu.com/community/UFW (https://help.ubuntu.com/community/UFW)
https://help.ubuntu.com/12.04/serverguide/firewall.html (https://help.ubuntu.com/12.04/serverguide/firewall.html)
http://pka.engr.ccny.cuny.edu/~jmao/node/28 (http://pka.engr.ccny.cuny.edu/~jmao/node/28)

Title: Re: Security
Post by: Jerry on February 19, 2014, 06:38:49 AM

Thanks gold_finger, very helpful :)

Title: Re: Security
Post by: Coastie on February 28, 2014, 08:00:04 PM

Quote from: gold_finger on February 19, 2014, 12:06:12 AM

If you'd like, you can enable the firewall without adding any special rules.  It's default settings will be to deny incoming connections and allow outgoing connections.  If an incoming request is simply a reply to one of your program's outgoing queries, it will be accepted  (eg.  Firefox requesting a page to view); but if it is just some random attempted connection it will be denied. ...

I have turned on the firewall as per these instructions. Are there any "special rules" that I might need? Is there any need for a graphical interface like Firestarter for a Linux newby like me? :-\

Title: Re: Security
Post by: riser on February 28, 2014, 09:08:08 PM

Rules are required for any software (games, skype, etc.) that needs to communicate external machines (network/internet).

Each application will have ports that it uses to listen on.  The port(s) may be TCP or UDP.

Using a firewall requires that you understand what you use and what it needs.

Title: Re: Security
Post by: Coastie on February 28, 2014, 11:31:17 PM

Thanks. Since I do not think I have any need to communicate with any external machines, it is OK that do not understand what I use and what it needs.

Title: Re: Security
Post by: davidrom42 on May 13, 2016, 06:56:31 AM

Use the software of firewall. A software based firewall is better and more effective.

Linux Firewall (https://www.clearos.com/products/purchase/clearos-marketplace-apps/network/Firewall)