Which Firewall do you use ?

Chat about just about anything else
linux_rules
Level 3
Level 3
Posts: 155
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Which Firewall do you use ?

Post by linux_rules » Sat Apr 28, 2018 6:23 am

I am using pfsense. I must say its a great product.

Which Firewall do you use ?
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

User avatar
Pjotr
Level 20
Level 20
Posts: 10657
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Which Firewall do you use ?

Post by Pjotr » Sat Apr 28, 2018 6:23 am

Simply ufw of course. I like uncomplicated and effective. Fire and forget. :mrgreen:
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
Moem
Level 16
Level 16
Posts: 6233
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Which Firewall do you use ?

Post by Moem » Sat Apr 28, 2018 6:25 am

UFW with GUFW as a GUI, not that I ever need to tinker with it. It's 'set it and forget it'.
What's so nice about pfsense? I mean, why do you prefer it?
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!

linux_rules
Level 3
Level 3
Posts: 155
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Which Firewall do you use ?

Post by linux_rules » Sat Apr 28, 2018 6:34 am

I too use ufw on my desktop.

@Moem

The fact is security is effective when a multi layered approach is taken.

pfsense is my first layer of defense and ufw the second layer.

Pfsense offers a GUI (web interface) with a lot of fine grained control.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

User avatar
Moem
Level 16
Level 16
Posts: 6233
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Which Firewall do you use ?

Post by Moem » Sat Apr 28, 2018 10:15 am

The fact is: if one firewall is effective, adding an extra one does not add any security. It's like having two roofs: if the outer roof doesn't leak, the second one is not doing anything.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!

linux_rules
Level 3
Level 3
Posts: 155
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Which Firewall do you use ?

Post by linux_rules » Sat Apr 28, 2018 10:27 am

@Moem

Yes you are totally correct but then why do people use routers ?

Other than sharing the connection all routers have in built firewall.

The problem with commercial home routers is that the manufacturers

abandon their products within a couple of years and no longer provide

firmware upgrades which makes them weak security wise. Pfsense on the

other hand provides security patches forever. If your hardware fails thats

altogether a different story.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

linux_rules
Level 3
Level 3
Posts: 155
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Which Firewall do you use ?

Post by linux_rules » Sat Apr 28, 2018 11:01 am

Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650


linux_rules
Level 3
Level 3
Posts: 155
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Which Firewall do you use ?

Post by linux_rules » Sat Apr 28, 2018 11:36 am

administrollaattori wrote:
Sat Apr 28, 2018 11:24 am
None or UFW
You must be using a router. If you dont mind mention your router brand and model.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

dark
Level 3
Level 3
Posts: 113
Joined: Wed Feb 22, 2017 3:02 pm

Re: Which Firewall do you use ?

Post by dark » Sat Apr 28, 2018 11:41 am


User avatar
administrollaattori
Level 14
Level 14
Posts: 5007
Joined: Tue Sep 03, 2013 4:51 am
Location: Finland
Contact:

Re: Which Firewall do you use ?

Post by administrollaattori » Sat Apr 28, 2018 11:43 am

linux_rules wrote:
Sat Apr 28, 2018 11:36 am
administrollaattori wrote:
Sat Apr 28, 2018 11:24 am
None or UFW
You must be using a router. If you dont mind mention your router brand and model.
Not always. :wink:
https://www.grc.com/x/ne.dll?rh1dkyd2

linux_rules
Level 3
Level 3
Posts: 155
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Which Firewall do you use ?

Post by linux_rules » Sat Apr 28, 2018 11:46 am

dark wrote:
Sat Apr 28, 2018 11:41 am
Check OpenSnitch. https://github.com/evilsocket/opensnitch
Very interesting. Thanks for sharing.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

User avatar
majpooper
Level 5
Level 5
Posts: 591
Joined: Thu May 09, 2013 1:56 pm
Location: North Carolina, USA

Re: Which Firewall do you use ?

Post by majpooper » Sat Apr 28, 2018 12:30 pm

linux_rules wrote:
Sat Apr 28, 2018 11:01 am
Please read this

https://www.pcper.com/reviews/General-T ... Insecurity
I agree with you in principle - but if is not in the linux mint repositories then it isn't really secure.

The military definition of "defense in depth" is
". . . mutually supporting defense positions designed to absorb and progressively weaken attack [and to] prevent initial observations of the whole position by the enemy. . . . "
Makes sense for computers and computr networks as well.

I am a huge Steve Gibson fan and listen to his pod-cast Security Now every week. I have in fact installed the Three-Router-Solution. The home router is in the estimation of many so called security experts is the weak link in most home networks.

On the other hand to ensure security of my system/network I never install any application that is not in the linux mint repositories - this is a hard and fast rule for me. And yes I know for certain there are some trusted sites that knowledgeable linux gurus are aware of and utilize even set up PPAs and live happily ever after - but unless you absolutely understand the inter-workings of the app, know the developers or at least know who they are then going outside the linux mint repositories is ill advised. Certainly I would not personally install anything from sites such GitHub.

It is not just that you could be installing malicious software on your system the other concern is when you put something on your system that is not native or from outside the approved repositories and has access to much or all of your system that software can be ripe for exploits. That is why AV software is so dangerous - it has admin/root privileges - if an exploit is found then the hacker has full access to your system - and this unfortunately has happened way more than the developers of such software would like to admit.

linux_rules
Level 3
Level 3
Posts: 155
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Which Firewall do you use ?

Post by linux_rules » Sat Apr 28, 2018 12:42 pm

majpooper wrote:
Sat Apr 28, 2018 12:30 pm
linux_rules wrote:
Sat Apr 28, 2018 11:01 am
Please read this

https://www.pcper.com/reviews/General-T ... Insecurity
I agree with you in principle - but if is not in the linux mint repositories then it isn't really secure.

The military definition of "defense in depth" is
". . . mutually supporting defense positions designed to absorb and progressively weaken attack [and to] prevent initial observations of the whole position by the enemy. . . . "
Makes sense for computers and computr networks as well.

I am a huge Steve Gibson fan and listen to his pod-cast Security Now every week. I have in fact installed the Three-Router-Solution. The home router is in the estimation of many so called security experts is the weak link in most home networks.

On the other hand to ensure security of my system/network I never install any application that is not in the linux mint repositories - this is a hard and fast rule for me. And yes I know for certain there are some trusted sites that knowledgeable linux gurus are aware of and utilize even set up PPAs and live happily ever after - but unless you absolutely understand the inter-workings of the app, know the developers or at least know who they are then going outside the linux mint repositories is ill advised. Certainly I would not personally install anything from sites such GitHub.

It is not just that you could be installing malicious software on your system the other concern is when you put something on your system that is not native or from outside the approved repositories and has access to much or all of your system that software can be ripe for exploits. That is why AV software is so dangerous - it has admin/root privileges - if an exploit is found then the hacker has full access to your system - and this unfortunately has happened way more than the developers of such software would like to admit.
I agree with you 100% but which application do you think I have installed from outside the Mint repos?

If you mean pfsense it is a completely separate firewall distro based on FreeBSD. It is a highly secure and well known product.

I don't install anything outside the official repos.

Thanks for your reply.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

User avatar
stephanieswitzer
Level 2
Level 2
Posts: 73
Joined: Mon Feb 26, 2018 12:49 pm
Location: Ontario

Re: Which Firewall do you use ?

Post by stephanieswitzer » Sat Apr 28, 2018 4:36 pm

I use a Firewall that's installed on my Synology RT2600ac router. It's System wide covers both HTTP and HTTPS. I also have "Express VPN" installed on the router. Works very well and I'm pleased with it's performance.

Like majpooper I only install apps from the Mint repositories. I also use "Dashlane" password manager system wide. A great system that syncs passwords between all my Apple/Mac devices and Linux systems. I recently generated a this PW just for shits and giggles, it would take a while to crack:

Code: Select all

%#$::><,.}{[-)*\|=+!`
:D
Mac-Mini running Linux Mint 19 Cinnamon (Single Boot), Intel© Core™ i5-2415M CPU @ 2.30GHz × 2, 8 GiB, Intel Corporation 2nd Generation Core Processor Family Integrated Graphics Controller

User avatar
AZgl1500
Level 8
Level 8
Posts: 2022
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes sweeping down the plains
Contact:

Re: Which Firewall do you use ?

Post by AZgl1500 » Sat Apr 28, 2018 5:33 pm

Dashlane is good, put it on a friend's computer.

I have used LastPass for 20+ years with good results, likewise, any computer can use it.

Cosmo.
Level 23
Level 23
Posts: 17830
Joined: Sat Dec 06, 2014 7:34 am

Re: Which Firewall do you use ?

Post by Cosmo. » Sat Apr 28, 2018 6:00 pm

linux_rules wrote:
Sat Apr 28, 2018 6:34 am
The fact is security is effective when a multi layered approach is taken.
The problem is, that using 2 personal firewall in the same system can introduce stability issues and in case, that one of the them has a security flaw, this can affect also the other firewall. Every firewall runs with elevated rights and they use necessarily the same kernel. If one of them has a leak, the system has this leak. (If there is no leak, the second firewall can in best case do nothing better than the first.)

Quite obviously configuring 2 firewalls is more complicated and bears much more potential for mistakes than only one. Not only can this disturb the needed network connection; possibly the users does in consequence a configuration mistake, which can destroy the purpose of the firewall completely.

A router firewall is quiet a different thing, because it runs on a different physical system. Leaks in one place cannot affect the other one. If a hardware firewall (router) i no longer safe, because abandoned, you need to replace it. A second software firewall is the wrong and also dangerous measurement..

User avatar
Fred Barclay
Level 12
Level 12
Posts: 4144
Joined: Sat Sep 13, 2014 11:12 am
Location: Bumping around in the bush

Re: Which Firewall do you use ?

Post by Fred Barclay » Sat Apr 28, 2018 7:02 pm

Cosmo. wrote:
Sat Apr 28, 2018 6:00 pm
linux_rules wrote:
Sat Apr 28, 2018 6:34 am
The fact is security is effective when a multi layered approach is taken.
The problem is, that using 2 personal firewall in the same system can introduce stability issues and in case, that one of the them has a security flaw, this can affect also the other firewall. Every firewall runs with elevated rights and they use necessarily the same kernel. If one of them has a leak, the system has this leak. (If there is no leak, the second firewall can in best case do nothing better than the first.)
I'm all for multi-layer security, but I rather agree with Cosmo. I believe that having two firewalls on the same machine is asking for trouble.

If you want multiple firewalls, maybe use a dedicated hardware firewall, install the other firewall on your machine, and route all your network through the dedicated machine? That way you get two firewalls (or three, if you use a decent router).
Image
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein

User avatar
majpooper
Level 5
Level 5
Posts: 591
Joined: Thu May 09, 2013 1:56 pm
Location: North Carolina, USA

Re: Which Firewall do you use ?

Post by majpooper » Sat Apr 28, 2018 10:28 pm

OK I see the confusion - pfsense is not a firewall that one installs on a linux mint computer. Or at least one should not. Alhough I see where there are instructions to do so using a VM which seems like a really bad idea. It looks to me that pfsense is a firewall on a separate hardware platform (you can buy it preloaded on their hardware or load it on your own) which can add security in depth. In effect it looks like a router firewall or even a router behind a router firewall I suppose.

So sure, OK if you want to spend the $$$

User avatar
administrollaattori
Level 14
Level 14
Posts: 5007
Joined: Tue Sep 03, 2013 4:51 am
Location: Finland
Contact:

Re: Which Firewall do you use ?

Post by administrollaattori » Sun Apr 29, 2018 2:35 am

In linuxes has no open ports by default, so firewall is unnecessary for desktop user.

Code: Select all

sudo ufw status
netstat -lnptu

Post Reply

Return to “Open chat”