this post was submitted on 06 Oct 2023

97 points (95.3% liked)

Linux

47366 readers

1526 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Do you need to have a firewall on a linux desktop? (discuss.tchncs.de)

submitted 11 months ago by mokazemi@discuss.tchncs.de to c/linux@lemmy.ml

86 comments fedilink hide all child comments

Hi. I wanted to know if it's needed to install a firewall on a linux desktop/laptop. Why yes or why no?

you are viewing a single comment's thread
view the rest of the comments

[–] flashgnash@lemm.ee 15 points 11 months ago (2 children)

On a laptop absolutely. My firewall on my laptop doesn't let me discriminate between networks so I'm always worried someone will try to attack me on public WiFi for the few ports I want open

On a desktop on a network you trust less important but still no firewall means if another device on your network gets compromised you're screwed

[–] Sir_Simon_Spamalot@lemmy.world 2 points 11 months ago* (last edited 11 months ago) (2 children)

For laptop, what kind of attack would we be protecting ourselves from? I get the relevance of antivirus, VPN, and device encryption, but what about firewall?

[–] flashgnash@lemm.ee 5 points 11 months ago (2 children)

Any vulnerabilities in any of your software that can talk to a network, ssh, browser, the operating system itsself could be exploited if your firewall is down

If you're using username and password and have ssh enabled, for example anyone on your network could attempt to log in to your machine

[–] LufyCZ@lemmy.world 1 points 11 months ago (1 children)

For ssh, sure.

But a browser? No way.

[–] flashgnash@lemm.ee 1 points 11 months ago* (last edited 11 months ago) (1 children)

My understanding is there can be a vulnerability in absolutely anything

Browsers are unlikely to but don't think it's impossible

[–] LufyCZ@lemmy.world 1 points 11 months ago

A firewall protects open ports on your machine. A browser does not have any open ports.

Of course they have vulnerabilities, but a firewall won't protect you from them.

[–] Sir_Simon_Spamalot@lemmy.world 1 points 11 months ago (1 children)

Let's just say the system does not have any outward facing service (no ssh, http, smb, nfs).

[–] flashgnash@lemm.ee 2 points 11 months ago

At that point why not just have the firewall set to deny everything just to be safe though? There's always the chance you missed something that's decided to listen on some random port and if you aren't using anything that listens on a network why have the firewall open anyway

[–] Paragone@sh.itjust.works -2 points 11 months ago

If you have the ability to take a look at either SANS website, and see their articles, or have your system show you all the automatic attacks hitting your machine, then maybe you will understand...

Botnets are coded to hammer-away at all possible internet-addresses, trying to break-in & highjack more machines, to include in the established criminal-machine that the botnet is...

SANS said, a decade or 2 ago, that it took, on average, something like 6 or 4 minutes for a new MS-Windows machine to be owned by some attack from the internet.

I've had linux machines cracked/owned, and wiped 'em to get 'em clean.

Having no immune-system is BAD.

Linux botnets, apple operating-system botnets, they exist.

I don't think there is any operating-system that is connected to the internet that doesn't have attacks coded to crack it.

I just looked at SANS.org, and they have totally changed, so they are now .. more a moneymaking-machine wanting B2B biz?

Here, though, are some cheat-sheets they made:

https://www.sans.org/posters/?msc=main-nav

They used to tell us the top-20 most effective protections for particular threats, identifying how prevalent the threats were, etc...

No idea who does that nowadays...

[–] possiblylinux127@lemmy.zip 2 points 11 months ago (2 children)

Keep in mind that a firewall may not be nessasary if you don't have any network services running.

[–] ReversalHatchery@beehaw.org 5 points 11 months ago* (last edited 11 months ago)

Yes, except that whether you do is not at all obvious.

Do you use KDE Connect? If yes, you run a network service. Syncthing, a bittorrent client? Those too, and many others. I know this is a Linux community, but as a comparison windows has a bunch of network services running by default.
By saying "network services", I think menu of us would just think about a web server or a file server, conclude that they don't run any of those, and don't bother with it.

When in doubt, sudo netstat -lutpn, and look for the listening ports to see what software listens for informing requests.

[–] jcarax@beehaw.org 2 points 11 months ago

I'd still have one, eventually something is going to slip past a new configuration or dependency that listens.