Does Linux Need a Firewall?

I recently got an email asking me, “I’ve heard many techies online say that you don’t need a firewall or antivirus software on Linux, but I thought I would ask a pro about this. Is it necessary or even useful to have these security features enabled; and if so, could you give me some advice on which apps.”

You most definitely need a firewall. I have heard of Linux systems being taken over by Linux hackers finding an open port. You don’t need an antivirus for the Linux system, unless you are moving files over to a Windows system and don’t want to infect it. ClamAV is the program to do this. I also suggest including ClamTk, it is a GUI front-end for ClamAV.

In Ubuntu I used Firestarter as the GUI to set up the firewall. I think it is the easiest. Just download it using the package manager. “Firestarter is a complete firewall tool for Linux machines. It features an easy to use firewall wizard to quickly create a firewall. Using the program you can then open and close ports
with a few clicks, or stealth your machine giving access only to a select few. The real-time hit monitor shows attackers probing your machine.” [Description from Synaptic Package Manager]

Linux Mint comes with the Ufw fire wall and I found it already had a GUI called Gufw. Please note that the firewall is not enabled by default, you have to enable it. Just go into menu > Administration > Configure Firewall. Just check the enable box. That’s it. The default setting of ufw, and therefore of Gufw, is to deny all incoming connections to the system, while allow all outgoing connections. So incoming should say “deny”, outgoing should say “allow”. You don’t need to add any rules unless you are doing something fancy. If that is the case there is already a published tutorial on how to configure Gufw on Ubuntu 9.10. It should be the same for Linux Mint.

Published by

Jay Forrest

Jay N. Forrest is an IT professional, an ordained Humanist minister, and a Certified and Accredited Meditation Teacher.