You are not logged in.
- Topics: Active | Unanswered
#1 2023-03-24 05:14:29
- Lilith156A
- Member
- Registered: 2022-03-25
- Posts: 3
Questions about post installation guide, dns security and firewall
Do I have to setup a dns and a firewall in my computer?
and I can't understand how to do it from the wiki
Offline
#2 2023-03-24 05:45:58
- vorvac
- Member
- Registered: 2021-05-14
- Posts: 44
Re: Questions about post installation guide, dns security and firewall
You don't have to, but you also don't have to lock your house at night. You make that decision yourself depending on where you live.
The wiki explains it quite well, have you read these pages?
https://wiki.archlinux.org/title/Securi … _firewalls
https://wiki.archlinux.org/title/Simple … l_firewall
Offline
#3 2023-03-24 05:52:06
- Lilith156A
- Member
- Registered: 2022-03-25
- Posts: 3
Re: Questions about post installation guide, dns security and firewall
I kinda get the part of the firewall
the one I still can't wrap my head around is the DNS part, do I have to have it in my personal computer?
Offline
#4 2023-03-24 07:52:19
- seth
- Member
- Registered: 2012-09-03
- Posts: 63,438
Re: Questions about post installation guide, dns security and firewall
DNS resolves domains (archlinux.org) to IPs (95.217.163.246)
You'll typically get one via dhcp, but if you don't like it, you can configure a custom open DNS server (1.1.1.1, 8.8.8.8, 9.9.9.9 for cloudflare, google and quad9 - search for "open DNS servers")
Offline
#5 2023-03-24 13:41:00
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 30,361
- Website
Re: Questions about post installation guide, dns security and firewall
FWIW I've experimented with different DNSs just to tinker a bit, but I don't use them on any of my systems regularly. What dhcpcd gets from my ISP is better than any of the options above (which really surprises me, I absolutely loathe my ISP, they screw everything up ... except DNS).
I also don't ever set up a firewall on my home computer as I'm behind an ISP-provided router which blocks most traffic anyhow. But on my public servers a firewall is an absolute must.
So in short, for a joe-regular-user on a personal computer connecting to a major ISP through a router, neither of these are really of any concern (IMHO).
"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman
Offline
#6 2023-03-24 13:53:54
- seth
- Member
- Registered: 2012-09-03
- Posts: 63,438
Re: Questions about post installation guide, dns security and firewall
ISP DNS are kinda hit and miss and often daytime dependent in their performance.
You can use eg. dig to measure the response time and compare it against alternatives if you worry that the domain resolution slows down your internet.
Another thing about the DNS in use is whether it applies silly DNS filters (MPAA, Porn, CCP) which it might have to for domestic legal reasons or *MUCH WORSE* DNS hi-jacking to redirect unresolvable domains to affiliate links (***grrrr***).
But yes, there's usually no need to take action here unless you know a reason 
Offline