[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: firewall package for laptop wi-fi client

Russell L. Harris:
> * tv.debian@googlemail.com <tv.debian@googlemail.com> [110103 09:24]:
>> But if you do only web browsing and email and don't run any
>> web-facing services you should be fine anyway.
> I do not understand; what is a "web-facing service"?

It is a program accepting random connections from arbitrary source
addresses ("the internet"), like a web/FTP/mail server. In order to
check which programs listens on which port, post the output from
'netstat -tulpn' (run as root).

You should be aware that most people in here translate "firewall" as
"packet filter". Configuring a packet filter requires knowledge of
TCP/IP networking, so if you don't understand the term above, but still
feel the need to "secure" your system, you will need to learn about

>> The major threats are web browser security holes (update often)
>> especially through flash and java plug-ins, and pdf.
> Flash and java are in most web pages.  Does a firewall not protect
> against these threats?

If firewall == "packet filter": No. Otherwise: Maybe, but probably not.

> or are browser updates necessary even with a firewall?


>> Firewall alone won't protect you from man in the middle and such
>> niceties on open untrusted networks.
> Understood.  This need is for socializing around the table at
> StarBucks, Internet cafes, etc.  

Check for open ports (see the netstat-command above), always install the
latest upgrades and make sure to use encrypted connections whenever

If I could travel in time I would show my minidisc to the Romans and
become Caesar until the batteries ran out.
[Agree]   [Disagree]

Attachment: signature.asc
Description: Digital signature

Reply to: