I don't have a router, but I mostly use my desktop for online shopping and torrenting. So, do I have to enable the firewall? I hope not, because I'm really dumb and I don't think I will be able to configure the firewall.
Ubuntu – Do I need a firewall for the desktop?
firewall
Related Solutions
There are basically 2 ways of seeing if the firewall is configured. You should use both of the methods and verify that the firewall is both configured and configured the way you wish it to be.
First, check that the firewall rules have been applied. Pretty much all modern Linux firewall solutions use iptables for firewall. You can see that there are rules in place with iptables command:
iptables -L
This will return the current set of rules. There can be a few rules in the set even if your firewall rules haven't been applied. Just look for lines that match your given rulesets. This will give you an idea of what rules have been entered to the system. this doesn't guarantee the validity of the rules, only that they have been understood.
Next, you will use a second computer to test for connections against the host in question. This can be easily done with the nmap
command (found in nmap package). Quick and dirty way of checking is:
nmap -P0 10.0.0.10
nmap -P0 -sU 10.0.0.10
Replace the IP address 10.0.0.10 with your destination hosts IP address.
The first line will scan for TCP ports that are open and available from the second computer. Second line will repeat the scan but this time with UDP ports. -P0 flag will prevent the host from being tested with a ICMP Echo packet, but might be blocked by your firewall rules.
The scan might take a while so be patient. There is also a GUI frontend for nmap called zenmap
which makes it a bit easier to interpret the scan results if there is a lot of output.
In most desktop cases you don't need to have a firewall. When you use a router at home, it does already quite a job -- for example, it does network address translation (NAT) such that you only have a local IP -- not reachable from the Internet.
Also, Ubuntu does not open any ports out of the box, so that there is no real danger of anyone trying to hack into your SSH.
Finally, all firewalls actually are different interfaces to the same thing -- the iptables of the Linux kernel.
You really need a firewall if your machine sits in a LAN, with an IP visible for the whole world and you need to open up some ports (for example, you run a server, be that a test web server installation or an SSH server).
Furthermore, a firewall is very useful if you want to limit which addresses are allowed to use an open port on your machine (e.g. you only allow the IP of your lab workstation to connect to the SSH port of your home computer).
Of course, you might want to learn iptables one day :-) However, in that case, learn the iptables and networking first, and then use one of the alternatives which make the life of a network admin easier.
Best Answer
Well, if you say so, I would recommend you do not touch any firewall setting. But, hear me well you will be exposed to all kind of threats in the internet. If some time the system start acting weird, or your PC gets filled with spam/advertisement, software you never installed is there, you notice that your bank account is empty, don't get scared. And no, this is not an FUD. Without any kind of layer of protection, his system (and himself) will be vulnerable to all kind of attacks from the internet.
If you don't know how to setup a Firewall and have no router I recommend you to read: