Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Really Basic Dumb Question I Cannot Find an Answer
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
txykumat
Tux's lil' helper
Tux's lil' helper


Joined: 24 Nov 2014
Posts: 104

PostPosted: Sun May 14, 2017 1:52 pm    Post subject: Really Basic Dumb Question I Cannot Find an Answer Reply with quote

I have this gentoo laptop (not hardened) attached via wifi router with SPI firewall or directly attached cable modem with ethernet cable. I set it up so that VPN connection always starts when I boot up the laptop and only connect to internet through VPN. I was wondering if I need to have a firewall (hardware build from old PC, bought, or software one run on gentoo laptop) at all because it does not matter what setup I do on my end, GCR Shields UP! scan always shows same port open and everything else closed, which I presume that VPN server facing internet is firewalled.

Sorry for such a newbie question. I had my router SPI firewall on I never thought of turning on networkfiiler in kernel nor install any firewall on my gentoo laptop.

Please direct me to a relevant forum thread dealing with it. Right now I am reading WIKI on Firewall.

PS.
I do own a red small box of firewall appliance I got from RE PC for $10. But I could never get it to work with my VPN. Seems like I need some kind of subscription from SOHO.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42563
Location: 56N 3W

PostPosted: Sun May 14, 2017 2:23 pm    Post subject: Reply with quote

txykumat,

Your VPN is only as good as the far end of the pipe.
If there is a firewall there, that you have control over, that may be good enough.

If the far end is wide open to the world, all your VPN does is hide the IP address provided by your ISP.
Oh, it also provides encryption over your wifi, so that anyone getting access to your wifi cannot read your VPN traffic.

Nasty things can still come down the VPN to you.

-- edit --

The only dumb question is the one you never ask as you may never know the answer.
Be on the lookout for dumb answers though.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
krinn
Watchman
Watchman


Joined: 02 May 2003
Posts: 6962

PostPosted: Sun May 14, 2017 3:09 pm    Post subject: Reply with quote

If you use some service to check if your ports are open while using the vpn, the service will catch the vpn IP as your IP is hidden behind it, and ALL the checks will be done against the VPN service.

What it mean is that you will only get answered about the security of the VPN provider, which you shouldn't really care if you're not their admin

In the mean time, your real internet IP exists, and is working, and even nobody can find it directly when you access them (they will see the VPN IP), it doesn't mean random scanner cannot find your IP ; and that's what you should really check: it doesn't mean your network doesn't have open ports and is secure.

So make no mistake on your security status, and re-think who (what IP) is being checked for security before feeling safe.
Back to top
View user's profile Send private message
txykumat
Tux's lil' helper
Tux's lil' helper


Joined: 24 Nov 2014
Posts: 104

PostPosted: Sun May 14, 2017 5:45 pm    Post subject: Reply with quote

Thank you very much for your input. I appreciate them all.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum