| View previous topic :: View next topic |
| Author |
Message |
txykumat
Tux's lil' helper
Joined: 24 Nov 2014
Posts: 104
|
 Posted: Sun May 14, 2017 1:52 pm Post subject: Really Basic Dumb Question I Cannot Find an Answer |
 |
|
I have this gentoo laptop (not hardened) attached via wifi router with SPI firewall or directly attached cable modem with ethernet cable. I set it up so that VPN connection always starts when I boot up the laptop and only connect to internet through VPN. I was wondering if I need to have a firewall (hardware build from old PC, bought, or software one run on gentoo laptop) at all because it does not matter what setup I do on my end, GCR Shields UP! scan always shows same port open and everything else closed, which I presume that VPN server facing internet is firewalled.
Sorry for such a newbie question. I had my router SPI firewall on I never thought of turning on networkfiiler in kernel nor install any firewall on my gentoo laptop.
Please direct me to a relevant forum thread dealing with it. Right now I am reading WIKI on Firewall.
PS.
I do own a red small box of firewall appliance I got from RE PC for $10. But I could never get it to work with my VPN. Seems like I need some kind of subscription from SOHO. |
|
| Back to top |
|
 |
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 47916
Location: 56N 3W
|
| Posted: Sun May 14, 2017 2:23 pm Post subject: |
|
|
txykumat,
Your VPN is only as good as the far end of the pipe.
If there is a firewall there, that you have control over, that may be good enough.
If the far end is wide open to the world, all your VPN does is hide the IP address provided by your ISP.
Oh, it also provides encryption over your wifi, so that anyone getting access to your wifi cannot read your VPN traffic.
Nasty things can still come down the VPN to you.
-- edit --
The only dumb question is the one you never ask as you may never know the answer.
Be on the lookout for dumb answers though.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
krinn
Watchman
Joined: 02 May 2003
Posts: 7467
|
| Posted: Sun May 14, 2017 3:09 pm Post subject: |
|
|
If you use some service to check if your ports are open while using the vpn, the service will catch the vpn IP as your IP is hidden behind it, and ALL the checks will be done against the VPN service.
What it mean is that you will only get answered about the security of the VPN provider, which you shouldn't really care if you're not their admin
In the mean time, your real internet IP exists, and is working, and even nobody can find it directly when you access them (they will see the VPN IP), it doesn't mean random scanner cannot find your IP ; and that's what you should really check: it doesn't mean your network doesn't have open ports and is secure.
So make no mistake on your security status, and re-think who (what IP) is being checked for security before feeling safe. |
|
| Back to top |
|
|
txykumat
Tux's lil' helper
Joined: 24 Nov 2014
Posts: 104
|
| Posted: Sun May 14, 2017 5:45 pm Post subject: |
|
|
| Thank you very much for your input. I appreciate them all. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
