Do I need a firewall if I use Linux?

Discussion in 'other security issues & news' started by Pain of Salvation, Feb 23, 2006.

Thread Status:
Not open for further replies.
  1. Pain of Salvation

    Pain of Salvation Registered Member

    Apr 21, 2005
    I`m a home user, using Ubuntu 5.10. Do I need a firewall? Why Ubuntu does not have a firewall?
  2. trickyricky

    trickyricky Registered Member

    Mar 27, 2005
    London, UK
    All OSs need protecting from hackers and the like, and Linux is no exception. That said, Linux is pretty secure "out of the box". The kernel already has packet filtering functions built in, such as IPTables, so a separate firewall isn't necessary if you have the built in filters set up properly. I'm not familiar with Ubuntu, but it may already be locked down with a decent default set of firewall rules such that an additional firewall is unnecessary. It also depends on which services your Linux is running and makes available over the net, such as telnet, HTTP and the like. Disabling unnecessary services and locking down services which are required is as important to secure Linux as it is for any other OS.
  3. iceni60

    iceni60 ( ^o^)

    Jun 29, 2004
    you have a firewall running unless you have disabled it - IPTables.

    there are no services you need to protect by adding to IPTables, although you could install firestarter

    sudo apt-get install firestarter

    then go System>Preferences>Sessions>Startup Programs>Add

    Startup Command - gksudo firestarter

    Order - 50

    when you have put it into startup you will be asked for your sudo password at boot to start firstarter. you won't notice it running though :oops: so you can open it and go to

    Edit>Preferences>Interface then tick the box which says Minimise to tray...

    i also have these settings enabled -

    Enable ICMP Filtering, then enable these settings
    ICMP Filtering - Echo Reply (pong) & Unreachable

    if you want to ping or do a traceroute then enable Echo Request and Traceroute just remember to disable them afterward.

    here are some commands you might need

    this one tells you the status - if it's running
    sudo /etc/firestarter/ status

    these next two start and stop it
    sudo /etc/firestarter/ start

    sudo /etc/firestarter/ stop
    Last edited: Feb 24, 2006
  4. Ned Slider

    Ned Slider Registered Member

    Mar 24, 2005
    Yes, as Trickyricky indicated, Linux does have a firewall built right into the kernel, and it's a rather good one at that. It's called netfilter and the userspace module is iptables. It allows stateful packet inspection and is normally enabled by default in all modern linux distro's.

    From the commandline, running:

    lsmod |grep ip
    should tell you if the iptables modules are loaded and if iptables is running.

    BTW, most consumer hardware firewall routers (like those from netgear etc) just contain an embedded version of linux running exactly this.

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.