Well,
This is, indeed, a really good subject.
This can be misunderstood as not-useful for the majority of the GNU+Linux
users but, let's pretend that Some User One has a GNU+Linux operating system,
and that Some User Two has any operating system and is in the same local
network as Some User One.
Let's pretend that Some User One must be (that means, he's obliged to do so)
running a SSH server, and a SMB server, both running on his operating system.
Everything is OK for both users because they have everything that they
desired.
Now let's pretend that, by a bit of luck, a black hat hacker or an Internet
robot finds the IP address of Some User One's computer. In the case of a
black hat hacker, he could try to break the security of the SSH server; as
for the Internet robot, this one would just try random stuff gathered from
previously infected/invaded victims to break the security of the SSH server.
I don't know for sure why I mentioned the SMB server, but perhaps, depending
on which contents the SMB server shares, it's possible for the black hat
hacker to get some confidential information about anyone, or even transfer
some malicious software to those who joined the network in question.
A firewall, along with an automated banning tool and strong security measures
can solve a lot of problems.
With a firewall, Some User One could block connections from people from
outside his local network by using the correct classless inter-domain routing
notation for his network.
If a firewall is able to, besides filtering ports, also filter the protocols
associated to those ports, the situation gets even more secure because the
firewall will, most of the times, block a wrong request if its protocol
doesn't match the protocol associated to such port.
If the user's computer has an automated banning tool, it'll ban the incoming
user automatically if its connection reaches a certain criteria.
Michal Maslowski is indeed right.
My comment (this one) is just based on life experience, not on knowledge or
skill about such subjects.
Best regards, ADFENO.
Have a nice day.
