What are the risks of NOT using a firewall (home computer)?

security firewall nat router

Since a password is required to be a superuser (to install and modify programs), what are the risks to not use a firewall under Ubuntu ? More particularly if I am using a NAT router ?


Solution 1:

It depends. Most people use a router between their desktop and the internet and by default there are no sigificant open ports, so in the vast majority of user cases a firewall adds very litte, if anything.

It can help if you inadvertantly install a server, such as VNC or SSH.

A better question is what do you want to use a firewall for ?

See:

https://wiki.ubuntu.com/SecurityTeam/FAQ#UFW

https://wiki.ubuntu.com/SecurityTeam/Policies#No_Open_Ports

https://help.ubuntu.com/community/UFW

If you want a graphical tool for your firewall, use gufw

enter image description here

Solution 2:

It sounds like the question is about a host-based firewall on an Ubuntu PC.

IF the machine never leaves the NAT-based network (ie, it is not a laptop that you take to coffee shops and use on free wifi networks),

AND there are no ports open on your router that could be mapped to your Ubuntu machine,

AND your router doesn't have any features which helpfully open ports for you based on things that happen on your network (UPnP)

AND you will never have any other devices on your local network that might be compromised and attack your Ubuntu box,

THEN your system is probably secure without a host-based firewall.

However, if some of these things aren't true, or might become untrue in the future, a host-based firewall is a really good idea. Given the potential benefits and the limited drawbacks, why not enable it?

Solution 3:

Using a NAT, if you have no port forwarding to your machine, it is not accessible from the internet unless you explicitly open a connection to it (with vnc or teamviewer for example) so I think there is no problem not using a firewall on it. The unique worry could come from internal (LAN) access but usually not the case on home lan.

Solution 4:

None whatsoever.

The function of a firewall is to block access to services that otherwise would allow it. Ubuntu has no listening services by default, so there is nothing to block. Further, since you are behind a NAT router, you already effectively have a firewall.

Solution 5:

I think one of the most used firewall feature is to prevent "cracked" programs to check the license on internet. If the "cracked" application doesn't need to be update or doesn't use "online" features, you can prevent it to accessing the internet by setting up a specific firewall rule. Sad but true.

Related

Why does `type which` say that `which is hashed`?
How to set wifi driver settings to prefer 5 GHz channel above 2.4 GHz
How do I move clock to the right end of GNOME 3 Panel from the middle?
Error while unzipping: need PK compat. v5.1 (can do v4.6)
Must copy and rename file
How do I know the device path to an USB-stick?
Best workflow to release updated config files without breaking already existing customization
gcloud not recognized as an internal or external command on Windows
Email body doesn't show when using an Intent
in NetworkX draw the graph dividing the plot area in 3
Get mySQL MONTH() to use leading zeros?
jQuery / Ajax - $.ajax() Passing Parameters to Callback - Good Pattern to Use?