start:firewall

Differences

This shows you the differences between two versions of the page.

start:firewall [2022/05/11 15:11] peterstart:firewall [2023/09/01 13:43] (current) peter
Line 1: Line 1:
-On Ubuntu and Debian the process is identical, so just open a terminal and type:+DATE CHECKED THIS PAGE WAS VALID: 01/09/2023  
 + 
 +Open a terminal and type:
  
 <code> <code>
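Review bot: The added first line "DATE CHECKED THIS PAGE WAS VALID: 01/09/2023" uses an ambiguous day/month order; writing it as 2023-09-01 would match the revision timestamp 2023/09/01 and remove the doubt. The replacement for the removed sentence also drops "On Ubuntu and Debian", so the page no longer says which distributions the command applies to; consider keeping that scope in "Open a terminal and type:".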
Line 5: Line 7:
 </code> </code>
  
-Once installed just run gufw from the terminal. Make sure you change status to on. In order to open a port just go to rules and an advanced rule opening port 22 would be something like:+Once installed just run 'gufwfrom the terminal. Make sure you change status to on. In order to open a port just go to rules and an advanced rule opening port 22 would be something like:
  
 Name: SSH Name: SSH
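Review bot: In the added line, "'gufwfrom" has an unclosed quote and no space before "from"; it should read "run 'gufw' from the terminal". The sentence order also tells the reader to switch status to on before describing the port 22 rule, so for anyone administering the box over SSH it is worth saying to add the SSH rule first.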
Line 78: Line 80:
  
 So assuming we had no firewall setup we can determine a few things: \\ So assuming we had no firewall setup we can determine a few things: \\
-1) SSH is listening on port 22 for IPv4 and 6. \\ +1) MDNS might respond on UDP 5353 and 47819/47292. I can be hard to know with UDP sometimes. \\ 
-2) My box would reply to other clients with DNS information if queried on TCP 53 for some reason+2) My box is listening on port 22 TCP for SSH connections\\ 
-3) A program 'teamviewer' is listening on 5939 +3) My box has several DNS related ports open it might respond to. \\ 
 +4) A program 'teamviewer' is listening on 5939. \\ 
 +5) Two virtual machines are running and you can VNC to them on 5900 and 5901. \\ 
 +6) Gnome DE will accept a connection from an RDP client to view my machines screen. \\ 
 +7) Firefox is doing 'something'. \\ 
 +8) No machine player is listening on various ports (this is similar to RDP but an alternative method). \\ 
 + 
 +So there is quite a lot we found. We should ensure that anything we dont trust is closed, or at least that the ports are blocked by our firewall. 
 + 
 +Here is my firewall rules in the GUI app: 
 + 
 +{{:images:fwrulewehave.png|}} 
 + 
 +From this image we see that my only open ports are: \\ 
 +22 for ssh \\ 
 +4000 for nx \\ 
 +3389 for rdp \\ 
 + 
 +So we can see there is some discrepancy between my rules and what is listening.  
 + 
 +So in my case I am intelligently reviewing the rules and only changing what is appropriate. I decided to delete rule opening port 4000 from the firewall application and remove the teamviewer application from my box so that it is not listening or doing anything on my box. I felt this was appropriate in my case, however you might make different or more or less changes.
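Review bot: The closing paragraph removes the port 4000 rule but, unlike teamviewer, does not say whether the service from item 8 is stopped or uninstalled, so it would still be listening behind the firewall; state that explicitly, and say whether leaving 3389 open for the RDP access in item 6 is intended. The VNC listeners in item 5 and the "Firefox is doing 'something'" entry in item 7 are also left without a decision. Wording fixes in the added lines: "I can be hard" should be "It can be hard", "No machine player" in item 8 looks like it means the NX product the rule list calls "nx", "dont" needs an apostrophe, and "Here is my firewall rules" should be "Here are".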
start/firewall.1652281887.txt.gz · Last modified: 2022/05/11 15:11 by peter