Key takeaways of zdnet
- Linux is extremely safe, but you still have a firewall.
- You should know if your ISP hardware (gateway) uses a firewall.
- One of the easiest Linux Firewalls is UFW and its GUI Sidekic, GUFW.
I have been using Linux for almost 30 years. In those years, I have only experienced a security problem (a rootkit on a server that I have inherited). The reason for this is the increased security of Linux. Outside the box, it includes a tight permission system and safety mechanisms (such as Apparmor and Selinux) that perform a wonderful job of shutting down the operating system.
But what about firewall? You know about the firewall, especially if you have used Windows (because the OS of Microsoft always depends on them). And before you think, no matter how safe your web browser is, it is not enough.
Also: Thinking about switching on Linux? 9 things you should know
Almost every linux distribution ship with a firewall is ready to use. Funny, however, some distribution ships with firewalls disable.
It seems to be a counter -opinion for an operating system that hangs its hat on safety.
The big question you can ask is, “Does Linux also need a firewall?”
Before answering that question, I will ask you some questions:
- Is your Linux machine on home network?
- Is there a router in your home network that includes a firewall?
- Is your router updated regularly?
- If your home network has a router with firewall, is there any ports open?
- Do you have sensitive data on your computer?
You may not know the answers to those questions, which means you may have to contact your ISP and ask them about hardware in use. For example, AT and T fiber includes a firewall on its gateway hardware. The Xfinity Gateway of Comcast also includes a firewall.
Too: 8 things you can do with Linux that you can’t do with Macos or Windows
If you know that your ISP hardware contains a firewall, then your Linux machines require a firewall otherwise low pressure.
But does this mean that you should forget about the firewall?
I say no.
I say, more security, better.
For example, your ISP gateway goes without updates, which can leave it unsafe for attacks. Some Ne’er-DO-Well figures find out which gateway you are using, it breaks through unpublished defense, and has access to your network. If your Linux machine is not preserved via firewall, this bad actor can reach the machine through an open port and occurs on the data present in it.
You do not want this.
Argu … Firewall.
But whom should you use?
Different distribution ships with separate firewalls. For example, imperfect firewall (UFW) with a ship Ubuntu (and Ubuntu), while fedora (and based on Fedora) ship with firewold. Although both are solid options, I node UFW because it is so easy to use. And if you do not want to use the command line, then there are GUI apps that you can install to control UFW.
Too: You can try Linux without digging windows first – how is here
Even from the command line, UFW is easy. To enable it, release the command:
Enable Sudo UFW
Once capable, all the ports are closed, and reaching your machine is rapidly made more challenging. However, suppose you use SSH to regularly access that machine from your lan. For that, you can release the command:
Sudo UFW SSH allows
Or maybe you want to allow SSH from an IP address only within your LAN, which can be done with it:
Sudo UFW allows any port 22 proto on ip_address on TCP
Where iP_Address is the address of the machine you want to allow.
The same actions with firewold looks like this:
Sudo Firewall-CMD-Zone = Public–RMANENT-ADD-Service = Ssh
Or
Sudo Firewall-CMD–RMANENT-ADD-Source = IP_ADDRESS-ZONE = Drop
Sudo Firewall-CMD–Permanent–DD-Seva = SSH
Sudo Firewall-CMD-Reload
Sudo Firewall-CMD-List-All-Zone = Drop
Sudo Firewall-List-All
Where iP_Address is the address of the machine you want to allow.
Obviously, UFW is an easy tool, and I would always recommend on firewolds for those who are only in Linux.
And if you want GUI for UFW, try GUFW (which can be installed from your GUI app store).
Finally, the answers to the questions are simple:
- Do you need a firewall on Linux? – Yes
- What should you use? – UFW
Understand that if you want to use UFW on the Fedora-based system, you have to install it. To do this, issue the following order:
Sudo SystemCl Stop Firewold
Disable Sudo Systemctl Firewall
Remove Sudo DNF Firewalld
Install Sudo DNF UFW
Enable Sudo UFW
Now you have UFW running on your Fedora-based distribution.
With the firewall being active, your Linux machine will be better preserved, should anyone go around your ISP’s hardware rescue. As usual, it is better to be safe from sorry.
Get top stories of morning with us in your inbox every day Tech Today Newsletter.
