I think it’s better to have one but you probably don’t need multiple layers. When I’m setting up servers nowadays, it’s typically in the cloud and AWS and the like typically have firewalls. So, I don’t really do much on those machines besides change ports to non-standard things. (Like the SSH port should be a random one instead of 22.)
But you should use one if you don’t have an ecosystem where ports can be blocked or forwarded. If nothing else, the constant login attempts from bots will fill up your logs. I disable password logins on web servers and if I don’t change the port, I get a zillion attempts to ssh using “admin” and some common password on port 22. No one gets in but it still requires more compute than just blocking port 22 and making your SSH port something else.
I bought my wife an HP Stream 13 some years back. It came with Windows 8 installed. Which worked just fine until updates bloated it so much it literally took up the entire (paltry) SSD. Windows 10 came out and it offered a free upgrade, which would have been smaller. Unfortunately, every time I tried to do that, it just complained it didn’t have the space to make the switch. I rolled it back to an older Windows 8 and disabled updates to try and keep using it. It complained constantly. I finally deleted the shit out of Windows and installed Lubuntu. It’s worked since then without issue.
It seems that the consensus from all the comments is that you do in fact need a firewall. So my question is how does that look exactly? A hardware firewall device directly between modem and router? I using the software firewall on the router enough? Or, additionally having software firewall installed on all capable devices on the network? A combination of the above?
Depends on your setup. I got a network-level firewall+router setup between my modem and my LAN. But also, got firewalld (friendly wrapper on iptables) on every Linux device I care about because I don’t want to unintentionally expose something to the network.
hm, guess maybe I should find something for Android and my Windows boxes.
And like most things related to Linux on the internet, the consensus is generally incorrect. For a typical home user who isn’t opening ports or taking a development laptop to places with unsecure wifi networks, you don’t really need a firewall. It’s completely superflous. Anything you do to your PC that causes you genuine discomfort will more than likely be your own fault rather than an explicit vulnerability. And if you’re opening ports on your home network to do self-hosting, you’re already inviting trouble and a firewall is, in that scenario, a bandaid on a sucking chest wound you self-inflicted.
I use a remote called the “Pepper Jobs W10 Gyro” and I love it. All the keys are set up for Windows (🤢) shortcuts, but other than that it’s awesome. It would be great for Kodi.
Depends a bit on what features you want to have. I use LibreELEC to run Kodi (and nothing else). Previously I used OSMC to run Kodi and some other things (steam link among others). You can use an app (kore) control kodi, which is very conveniant. RF remotes work well too, apparently.
If anything, a firewall only seems to provide extra precautions against mistakes made by the user, rather than actively preventing bad actors from getting in.
You say that like that isn’t providing value. How many services are listening on a port on your system right now? Run ‘ss -ltpu’ and prepare to be surprised.
Security isn’t about “this will make you secure” it’s about layers of protection and probability. It’s a “good practice” because people make mistakes and having a second line of defense helps reduce the odds of a hack.
Security isn’t about “this will make you secure” it’s about layers of protection and probability. It’s a “good practice” because people make mistakes and having a second line of defense helps reduce the odds of a hack.
AKA Defense In Depth and should be considered for any type of security.
When these launched they seemed interesting. I liked the concept, and they still do, but the biggest flaw was basing them on windows. I’ve seen windows on low-power devices before, and I’m not going through that again.
linux
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.