Andrew Errington wrote:
I'd agree with you really. Until you start hosting other services on your servers, there's not too much of a need. I'm expecting the answer no.
I have a 24/7 connection to the net. My router has port 22 open, and that's all. Port 22 is directed to a server on my network, which has sshd set up with various recommended restrictions in its config (such as no root login, limited account names permitted etc.).
I guess a firewall could protect other machines on the network, but that's what the router is for. The other machines are laptops anyway, so they need their own local protection as they may or may not be at home. If I *did* have a firewall it would be on another machine, but then, the router does that.
Should I be running ipchains/iptables/whatever locally (on the server, because it's on 24/7, and on the laptops because they might be plugged in to someone else's network)? If so, why? And why would I need that on top of locking down sshd on the only open port?
Comments please,
Andy
I would just check and see what ports are open - run an nmap of your server from horse or something - and take any appropriate action. My router has a 'default destination' option, which I don't use! Mind you, you could have some fun with it.
For you, the only real use of a firewall would be to log and stand back in amazement at the number of attempts made on your address!
Cheers,
Steve
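
An added example, not part of the original thread: the same "see what ports are open" check done from the server itself, flagging any TCP listener that is bound off-loopback on a port other than 22. The `ss -tln` sample output, the address `192.168.1.10`, and the function names are constructed for illustration; it assumes a Linux host with iproute2.

```python
import ipaddress
import subprocess

ALLOWED_PORTS = {22}  # assumption: only sshd is meant to be reachable

# Constructed sample of `ss -tln` output, not taken from the thread.
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      128        127.0.0.1:631       0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*
LISTEN 0      80                 *:3306            *:*
LISTEN 0      128             [::]:22           [::]:*
LISTEN 0      128            [::1]:631          [::]:*
LISTEN 0      511     192.168.1.10:8080      0.0.0.0:*
"""

def is_loopback(addr):
    """True when a listener address is reachable only from the host itself."""
    if addr == "*":                        # wildcard: all interfaces
        return False
    addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    return ipaddress.ip_address(addr).is_loopback

def unexpected_listeners(ss_output, allowed=ALLOWED_PORTS):
    """Return sorted (address, port) pairs listening off-loopback on a port not in `allowed`."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue                       # header or non-listening socket
        addr, _, port = fields[3].rpartition(":")
        if not is_loopback(addr) and int(port) not in allowed:
            found.add((addr, int(port)))
    return sorted(found)

def live_listeners():
    """Run ss on this host and audit the real listener table."""
    out = subprocess.run(["ss", "-tln"], capture_output=True, text=True, check=True).stdout
    return unexpected_listeners(out)

if __name__ == "__main__":
    for addr, port in unexpected_listeners(SAMPLE):
        print(f"unexpected listener: {addr}:{port}")
```

Anything this reports is reachable from the LAN even though the router forwards only port 22, which is the case a local packet filter would cover.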
