How much firewall do i need anyway.
Posted: 19 Sep 2014 21:03
I think this is always a good question to ask.
My arris cablemodem has a firewall built in? I have two wireless routers, each with their own firewall enabled. the cable attaches to the cable modem. the first wireless router connects to the cable modem via ethernet cable. the second wireless router connetcs to the fires wireless router with ethernet cable. the computer connects to the second wireless router via ethernet cable and wifi (for the benefit of the roku i use the wifi. double nat concerns require ports to be forwarded from one router to the next but not necessarily on the same port? Should i even bother with a firewall app on my computer as well?
Re: How much firewall do i need anyway.
Posted: 24 Sep 2014 14:49
This is exactly what I'm considering myself as well. There are 2 types of firewalls which are not to be confused because they do completely different things:
1. Port-based firewalls (a lot of people consider this the only REAL firewall)
running on a different maschine, filtering everything by port and maybe some protocoll analysing (if it's a dedicated system usually only used in big networks). This is basically what your routers NAT does. I think this is needed against malevolent intruders from outside and as far as I've heard the NAT does this job quite well, as long as you don't open any additional ports on the router thats the "last frontier". And you have to regularly check the news about your routers vulnabilities and stupid configurations by the routers manufacturers. There where quite a lot recently.
2. Application-based firewalls (what you were asking about)
running on the host system and analysing traffic by process, protokoll and port - this is what most so called "Personal Firewalls" (PFW) under MS Win do. (It may be possible to have something like a app-based FW on a dedicated maschine but this is not payable for a home user which I am and I assume you are too.)
My simple and quite old PFW under MS Win served me well over the years. I regularly caught code - which I would consider malicious - on my system trying to "phone home". Microsoft, Adobe, you name it, they do it. I'm not afraid of some computer criminal trying to intrude on my system (which rarely happens anyway) but I *know* that I'm constantly spied upon by a plethora of private companies and government agencies. There is nothing much I can do against spying on me via the webbrowser but still I don't want to give up just like that.
In the end it's a question of trust: Do you trust all the code running on your maschine? Do you even know which code is running at all times? Do you suspect some of the code running might be malicious without you knowing it? Then an application-based FW would be a good addition.
I trust the Linux core system (as opposed to the MS Win core system). But I have to install software which is not open and I don't trust them. So I would really want a PFW of some kind which stops the code from "phoning home". Since Linux was developed as a server-oriented system by and for computer-geeks ("I compile all the code myself and I know what it's doing") most people don't see the need for a PFW under Linux. But times change: traditionally firewalls worked against illegal intruders but that's not the main concern any more. It's 1984 for several years now.
Is there something like a PFW under Linux? Does ufw work application-based? Anything else?