Hi,
I have googled and wikid this issue for days and I keep finding conflicting information. Some say as Arch has ports closed you don't need a firewall unless you're running a web server or SSH or other similar services (which I do not). Some say if you have a roaming laptop and use free wifi networks, you do need one. While I am privacy and security minded, I don't need a service to block something that's been already blocked "just in case". Would using a firewall such as ufw offer any kind of increased protection on a public network on an Arch system? Do I need a firewall or is it really not that necessary?
In my mind, a firewall is not needed on an individual machine. I generally use them where I want to protect a network segment from outside intrusion. If the ports on your machine are not open, don't worry. If they are open, what is the point of firewalling them?
Also, I have always thought of "software" firewalls running on a machine as a way to keep other software on that same machine in check. It is like placing the lunatics in charge of the asylum.
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
First, check what ports you're listening on:
netstat -tulpn
You'll probably find Xorg listening on port 6000. As a big hint - some previous Xorg security bugs.
@brebs
Not sure that's correct, at least when starting X with 'startx' it runs with '-nolisten tcp', this means no open port.
@ggg377
Regarding the firewall, I'd say don't allow in anything that isn't a reply to something you asked for or something you want in (e.g. ssh).
Some programs will bind to a random port, and even if normally (or if configured) they will not accept anything that doesn't come from the localhost, imho it's better to avoid anything undesirable ever reaching those ports in the first place instead of relying only on the program to be able to handle anything thrown at it.
R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K
I find the stateful firewall (arch wiki) good for moving laptops: it lets everything out but nothing in unless you specify it, for instance an ftp (or vsftp) server to transfer files.
when starting X with 'startx' it runs with '-nolisten tcp', this means no open port.
Yeah - Arch hard-codes it.
I don't only consider Arch, though.
Hehe, more conflicting information and opinions from both sides. From the Arch Wiki security guide:
It is highly recommended to install iptables from the official repositories, enable it, and set up some form of firewall.
@bleach I have an idea on how to get the job done, I'm just pondering whether I want to get it done or not. The way I see it right now, the firewall would still mimic Arch's default behavior (what's closed is closed and what's open is open - meaning you're going to make exceptions in the firewall for the stuff you need anyway, as @ewaller mentioned).
By the way the netstat -tulpn output looks like this:
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp6 0 0 :::6600 :::* LISTEN 892/mpd
udp 0 0 0.0.0.0:35271 0.0.0.0:* -
udp 0 0 0.0.0.0:6694 0.0.0.0:* -
udp 0 0 127.0.0.1:53 0.0.0.0:* -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp6 0 0 :::3189 :::*
Doesn't look intriguing to me.
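As an added example (not posted by anyone in this thread), here is a small script that parses the netstat -tulpn rows quoted above and separates loopback-only sockets from the ones other hosts on the network can actually reach, which is the set a host firewall would matter for. The sample input is constructed from the output shown in the thread; the function and type names are my own.

```python
from typing import NamedTuple

# Constructed sample input: the `netstat -tulpn` rows quoted earlier in this thread.
SAMPLE_NETSTAT = """\
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp6 0 0 :::6600 :::* LISTEN 892/mpd
udp 0 0 0.0.0.0:35271 0.0.0.0:* -
udp 0 0 0.0.0.0:6694 0.0.0.0:* -
udp 0 0 127.0.0.1:53 0.0.0.0:* -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp6 0 0 :::3189 :::*
"""

LOOPBACK = {"127.0.0.1", "::1"}


class Listener(NamedTuple):
    proto: str      # tcp, tcp6, udp or udp6
    addr: str       # local address the socket is bound to
    port: int
    program: str    # PID/name, or "-" when netstat could not tell (e.g. not root)
    exposed: bool   # True if other hosts on the network can reach it


def parse_netstat(text: str) -> list[Listener]:
    """Parse `netstat -tulpn` output; each socket row becomes one Listener."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # Skip headers and blank lines; only socket rows start with tcp/udp.
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue
        addr, _, port = fields[3].rpartition(":")   # also handles ':::6600'
        # The PID/Program column is last, but may be "-" or missing entirely.
        program = fields[-1] if "/" in fields[-1] else "-"
        # Loopback-only sockets are unreachable from the network; a wildcard
        # (0.0.0.0 / ::) or interface address is reachable. Note that a "::"
        # socket normally accepts IPv4 connections as well.
        exposed = addr not in LOOPBACK
        listeners.append(Listener(fields[0], addr, int(port), program, exposed))
    return listeners


def exposed_listeners(text: str) -> list[Listener]:
    """Only the sockets reachable from other hosts, i.e. what a firewall would gate."""
    return [l for l in parse_netstat(text) if l.exposed]


if __name__ == "__main__":
    for l in parse_netstat(SAMPLE_NETSTAT):
        state = "EXPOSED" if l.exposed else "local only"
        print(f"{l.proto:5} {l.addr}:{l.port:<6} {l.program:10} {state}")
```

Run it as root so the PID/Program column is filled in for every socket; the "-" entries in the thread's output are the ones netstat could not attribute.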