General question: Assuming your cable modem (or whatever your connection may be at home) is setup properly (or out of the box for that matter), for a home desktop user would you implement iptables on your system as an extra precaution or just use your Deb install as is?
Would like to hear some pros / cons and what the general consensus is as I could see it going either way.
Cheers
Chris
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Iptables for desktop
-
- Posts: 2
- Joined: 2018-05-03 06:23
Re: Iptables for desktop
It's probably overkill for most users--but good security has layers, like an onion. For example, your own computer may be well-kept and secure from the Internet but if you give out your wifi password to a friend with a hacked phone, or you expose something to the Internet that gets pwned, and your computer has no defenses on the LAN, you might have a bad time. But those are unlikely scenarios for most people.
Re: Iptables for desktop
There are many programs that use iptables, but hide if from user. I've used shorewall, and at the moment arno-iptables-firewall, which does not after installing require any actions than reading logs.cds60601 wrote:General question: Assuming your cable modem (or whatever your connection may be at home) is setup properly (or out of the box for that matter), for a home desktop user would you implement iptables on your system as an extra precaution or just use your Deb install as is?
Would like to hear some pros / cons and what the general consensus is as I could see it going either way.
Cheers
Chris
- None1975
- df -h | participant
- Posts: 1404
- Joined: 2015-11-29 18:23
- Location: Russia, Kaliningrad
- Has thanked: 46 times
- Been thanked: 69 times
Re: Iptables for desktop
For desktop you can use The Uncomplicated Firewall (ufw). It is a frontend for iptables. Ufw provides a framework for managing netfilter, as well as a command-line interface for manipulating the firewall. In my opinion it is simpler solution, because configuring iptables manually is challenging for the uninitiated. And yes, it is a extra security layer.
OS: Debian 12.4 Bookworm / DE: Enlightenment
Debian Wiki | DontBreakDebian, My config files on github
Debian Wiki | DontBreakDebian, My config files on github
Re: Iptables for desktop
i'm too stupid to use iptables, i use ufw on all my machines.
there's a little redundancy because my router also has a firewall (which works quite differently though), but that's fine.
there's a little redundancy because my router also has a firewall (which works quite differently though), but that's fine.
- cds60601
- df -h | participant
- Posts: 724
- Joined: 2017-11-25 05:58
- Location: Florida
- Has thanked: 133 times
- Been thanked: 64 times
Re: Iptables for desktop
Thanks to those that answered. I know there are several options that any user can use for firewalling (GUI, cli, 3rd part apps, etc) but you all got the general idea - that was whether or not some of us go the extra mile and have some form of firewalling on our Deb-stations or servers.
Like most of you, I to have it on my router but a little extra never hurts
Like most of you, I to have it on my router but a little extra never hurts
Supercalifragilisticexpialidocious