The purpose of enabling a "Simple stateful firewall"?

kmph · 2015-08-29 22:06:19

I thought I'd try to take the challenge of getting an Arch installation up and functional. (making the use of vacation spare time)

So I started reading the wiki and, for most part, following it.

Beginners' guide "strongly advises" me to read General recommendations, which in turn directs me to Security. According to this page, "It is highly recommended to set up some form of firewall to protect the services running on the system. Many resources (including ArchWiki) do not state explicitly which services are worth protecting, so enabling a firewall is a good precaution." And I am directed to Simple stateful firewall. So I started following this Simple stateful firewall guide.

And I run into section #Bruteforece_attacks From the context, I assumed it was relevant only for servers, so for my "desktop laptop" I should skip it; just to make sure, I asked if I was right on #archlinux IRC. To my surprise, some people argued that I should skip the whole firewall page for a desktop at all, since it is not needed for desktops and it is usually not needed for servers either; instead, one should be careful not to enable daemons they don't need.

... OK then. So now, may I ask a pretty silly-looking question? Should I follow this Simple stateful firewall guide? Is it really needed?
... And if it is not, could someone very kindly fix the wiki, as it seems to be kind of misleading now? Me not being a security expert by any means, I don't really feel like editing the wiki in this matter.

tomk · 2015-08-29 22:23:58

It's a wiki, it gets fixed, broken, improved, damaged, corrupted, enhanced, and all kinds of other stuff, all according to the whim of members of the community who feel motivated enough to edit it. It is not authoritative in any way, nor is it meant to be. If you think something needs fixing, but lack the necessary knowledge to do so yourself, use the discussion tab on the page to register your comments.

As for your sepcific question - do some research, fond out what a firewal is and does, and then decide for yourself if you need it or not.

ewaller · 2015-08-29 23:02:24

Is your machine on a private network behind a router? Or are you attached directly to the Internet where every machine in the world can see yours?
What ports do you have open? Are you planning on running any servers from your machine?

kmph · 2015-08-30 19:54:53

I'm behind Orange Livebox. Not planning to run any kind of server in the near future. Not sure how could I have any ports opened, since I haven't done much on my system yet, except enabling systemd-timesyncd. (however, perhaps I might run nmap -sT -O localhost, at least for educational purposes...) Later on, however, I'd like to play Wesnoth from time to time, and as far as I can tell playing it in multiplayer means opening port 15000.

twelveeighty · 2015-08-30 21:37:03

That Wikipedia article you linked has no mention of the word "firewall", and it's an ISP provided piece of hardware. If that was for me, I would have both an internal router with a firewall configured and firewalls set up on all my PCs (laptops typically). That way, phones connected on Wifi are protected by the internal router and my laptop is protected wherever I take it.

But, as mentioned earlier in other replies, do the research and decide for yourself. It really depends on where you are on the paranoia spectrum. I, for one, would not trust my ISP to keep me and my information safe.

Arch Linux

#1 2015-08-29 22:06:19

The purpose of enabling a "Simple stateful firewall"?

#2 2015-08-29 22:23:58

Re: The purpose of enabling a "Simple stateful firewall"?

#3 2015-08-29 23:02:24

Re: The purpose of enabling a "Simple stateful firewall"?

#4 2015-08-30 19:54:53

Re: The purpose of enabling a "Simple stateful firewall"?

#5 2015-08-30 21:37:03

Re: The purpose of enabling a "Simple stateful firewall"?

Board footer