Re: Why does Debian allow all incoming traffic by default

[Joe <joe@jretrading.com>]

On Fri, 21 Sep 2018 18:04:59 -0400
songbird <songbird@anthive.com> wrote:

> Subhadip Ghosh wrote:
> > Hi,
> >
> > I am using Debian and the recently I learned that a standard Debian 
> > installation allows all 3 types of traffics especially incoming by 
> > default. I know I can easily use iptables to tighten the rules but
> > I wanted to know the reasons behind the choice of this default
> > behaviour and if it makes the system more vulnerable? I tried
> > searching on the Internet but did not get any satisfactory
> > explanation. It will be helpful if anybody knows the answers to my
> > questions or can redirect me to a helpful document.  
> 
>   whenever i install a new system i include ufw (a firewall
> program) just to catch any funny stuff that might try to
> come through.
> 
>   the default settings seem to work well enough and i'm glad
> i don't have to relearn the terminology and rules for iptables.
> 
>   i'm sure a much better solution is to run a separate router
> as it's own layer of firewall may keep a lot of stuff out, 
> but as of yet i'm just not under attack enough to make it
> worth it.
> 

Better to do both. Two layers of NAT work just fine, for anything but
IPSec.

-- 
Joe