- I have little or no knowledge of the inner workings of the Ubuntu/Linux OS. All I know is from my experience of Windows, is that I have to have a firewall configured and running before I connect to the Internet, otherwise my system would be about as secure as going on holiday and leaving my house with all the doors and windows open.
- I have just migrated to Ubuntu desktop 18.04 LTS and have just logged in for the first time. I want to secure my system before I connect my pc to the Internet.
(NB: Note the emphasis on the word desktop, so any references to server will not be pertinent to the question and therefore irrelevant)
and after some research on this subject I understand this much:
a. Is ufw the default firewall "configuration tool" for Ubuntu? (note it says configuration tool and not the actual firewall) and ufw is installed, but it is not running and is not configured at all, so it has no default rules set out of the box.
b. Gufw is a UI to ufw, but it's not installed by default, or at least that is the case with Ubuntu Desktop 18.04 LTS.
c. iptables is the actual firewall which is built-in to the kernel as a module.
At this point know I can configure ufw as it's easy as abc, hence its name and to use it, as a starting point, you need to set deny (incoming), allow (outgoing) and start it, I also understand I could use Gufw to do this too. So I could just leave it there and do just that.
However, after all my research, I find many articles, questions and blogs on the subject with many views and opinions, many of them stating that you dont need a firewall, there are no open ports, but I am thinking, surely some ports must open when I connect to the internet? which means I am connecting my device to a network and opening up a two way traffic connection, but all the information I have read only serves to make this unclear and ambigous, so I digest all that information and try to make sense of it then reduce it down to a single statement and so a nutshell I summise:
Ubuntu desktop users don't need ufw since it's merely a configuration tool for iptables which is the actual firewall under the hood.
So say I take the above statement literally, then is the following statement true?:
iptables is the built in firewall for Ubuntu Desktop and is fully configured and up and running out of the box with default rules that are sufficiently secure for the average desktop user.
Because if the above is true, then what would be the point in ufw except to provide an uncomplicated interface to iptables, which by all accounts is complicated and furthermore the experts advise you to avoid configuring iptables directly since if you don't know exactly what you are doing, you could easily render your system insecure or unusable, if it is misconfigured?
Please could someone provide a concise, relevant and non-opinion, fact based answer 🙂