This shows you the differences between two versions of the page.
start:firewall [2022/05/11 15:10] – peter | start:firewall [2023/09/01 13:43] (current) – peter | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | On Ubuntu and Debian the process is identical, so just open a terminal and type: | + | DATE CHECKED THIS PAGE WAS VALID: 01/09/2023 |
+ | |||
+ | Open a terminal and type: | ||
< | < | ||
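Review bot: the new lead-in "Open a terminal and type:" drops the old statement that the process applies to Ubuntu and Debian, so the page no longer says which distributions the command below is meant for. Keep the scope in the sentence, for example "On Ubuntu and Debian, open a terminal and type:". The added date "01/09/2023" is also ambiguous between day-first and month-first order. The revision timestamp 2023/09/01 suggests 1 September, so writing it as 2023-09-01 would remove the doubt.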
Line 5: | Line 7: | ||
</ | </ | ||
- | Once installed just run gufw from the terminal. Make sure you change status to on. In order to open a port just go to rules and an advanced rule opening port 22 would be something like: | + | Once installed just run 'gufw' |
Name: SSH | Name: SSH | ||
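Review bot: in the sentence starting "Once installed just run", the old wording "go to rules and an advanced rule opening port 22" is missing a verb (presumably "add an advanced rule"). The new side is cut off after 'gufw' in this view, so it is not visible whether the revision fixed that or kept the instruction "Make sure you change status to on". Both are worth confirming in the saved text, since the second is the step that actually enables the firewall.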
Line 77: | Line 79: | ||
</ | </ | ||
- | So assuming we had no firewall setup we can determine a few things: | + | So assuming we had no firewall setup we can determine a few things: |
- | 1) SSH is listening | + | 1) MDNS might respond |
- | 2) My box would reply to other clients with DNS information if queried | + | 2) My box is listening |
- | 3) A program ' | + | 3) My box has several DNS related ports open it might respond to. \\ |
+ | 4) A program ' | ||
+ | 5) Two virtual machines are running and you can VNC to them on 5900 and 5901. \\ | ||
+ | 6) Gnome DE will accept a connection from an RDP client to view my machines screen. \\ | ||
+ | 7) Firefox is doing ' | ||
+ | 8) No machine player is listening on various ports (this is similar to RDP but an alternative method). \\ | ||
+ | |||
+ | So there is quite a lot we found. We should ensure that anything we dont trust is closed, or at least that the ports are blocked by our firewall. | ||
+ | |||
+ | Here is my firewall rules in the GUI app: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | From this image we see that my only open ports are: \\ | ||
+ | 22 for ssh \\ | ||
+ | 4000 for nx \\ | ||
+ | 3389 for rdp \\ | ||
+ | |||
+ | So we can see there is some discrepancy between my rules and what is listening. | ||
+ | |||
+ | So in my case I am intelligently reviewing the rules and only changing what is appropriate. I decided to delete rule opening port 4000 from the firewall application and remove the teamviewer application from my box so that it is not listening or doing anything on my box. I felt this was appropriate in my case, however you might make different or more or less changes. |
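Review bot: the closing paragraph does not line up with the lists above it. The rule list labels port 4000 as "for nx", and item 8 says NoMachine is listening, yet the paragraph pairs deleting the port 4000 rule with uninstalling teamviewer and never says whether NoMachine itself was stopped or removed. Deleting the firewall rule only blocks the port and leaves the service listening, so state which program each action applies to. It would also help to go through the remaining findings (VNC on 5900 and 5901, the RDP listener that keeps its 3389 rule, mDNS, DNS) and say for each whether it is intentionally allowed, blocked by the firewall, or disabled, so that the "discrepancy between my rules and what is listening" is resolved on the page. Smaller wording fixes in the same hunk: "dont" should be "don't", "Here is my firewall rules" should be "Here are my firewall rules", and "No machine player" should be "NoMachine player".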