Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
I didn't setup iptables for a week after install, am I safe?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
floattt
n00b
n00b


Joined: 26 Jul 2015
Posts: 1

PostPosted: Sun Jul 26, 2015 8:43 am    Post subject: I didn't setup iptables for a week after install, am I safe? Reply with quote

I know I'm going to come off as a total noob, but I forgot to setup my iptables rules for a week after install. OUTPUT, INPUT and FORWARD were set to ACCEPT during this time. Is my computer still safe? I'm behind a router so I'm assuming yes, but I want to make sure. Sorry for my ignorance.
Back to top
View user's profile Send private message
Keruskerfuerst
Advocate
Advocate


Joined: 01 Feb 2006
Posts: 2288
Location: near Augsburg, Germany

PostPosted: Sun Jul 26, 2015 10:42 am    Post subject: Reply with quote

If you are a home user, you should use a hardware firewall (200€+).
Just open those ports, which are used by your porgrams.
Back to top
View user's profile Send private message
jonathan183
Guru
Guru


Joined: 13 Dec 2011
Posts: 308

PostPosted: Sun Jul 26, 2015 12:32 pm    Post subject: Reply with quote

It depends on how your router is configured and if you have any services listening to ports.

When I have had routers provided by an ISP they usually come configured to allow all outgoing connections, and reject or drop all incomming ports which are not associated with an outgoing connection. This would be good enough for most home use cases - provided the host you setup was not in a DMZ.

If you are still concerned then backup the /etc tree and do a fresh install, and only copy back config files you need one at a time. Taking a copy of /var/lib/portage/world will give you a list of things you have installed. A copy of .bash_history will help you run through the same commands as you did with the previous install ;)
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42563
Location: 56N 3W

PostPosted: Sun Jul 26, 2015 4:31 pm    Post subject: Reply with quote

floattt,

Depending on how you set up your system, you may not need a firewall at all.

Firewalls are good for two things,
a) they stop nasty stuff from getting in
b) they stop nasty stuff that has got in from phoning home.

You can achieve a) by not running anything that listens to the internet. Gentoo does not start any services for you. You need to add them to a runlevel or start them yourself.
Most home firewalls are capable of b) but its a pain to set up, so its turned off.

What ports does your router forward to your PC?

A firewall will not stop nasties that you invite in, e.g. by browsing iffy websites.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Buffoon
Veteran
Veteran


Joined: 17 Jun 2015
Posts: 1074
Location: EU or US

PostPosted: Sun Jul 26, 2015 5:14 pm    Post subject: Reply with quote

None of my boxes behind NAT have firewall.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42563
Location: 56N 3W

PostPosted: Sun Jul 26, 2015 5:23 pm    Post subject: Reply with quote

Buffoon,

I have a fairly paranoid firewall running in a KVN that covers my whole network.
Its paranoid because it used to protect Windows boxes too.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum