Comment 5 for bug 377039

bodhi.zazen (bodhi.zazen) wrote :

You may wish to configure a firewall to protect your computer from unauthorized access.

Understanding a few basic concepts will help you configure a firewall and should be sufficient for most desktop users.

First, keep in mind Linux, and thus Ubuntu, is modular. This means that rather than one large program that "does it all", several smaller applications are used. Often there is more than one option for each individual component.

Firewall

The firewall is called netfilter and by default is permissive, meaning it allows all traffic. netfilter can be configured using a command line program iptables.

Configuration Tools.

There are several tools that can be used to configure a firewall.

UFW is a command line tool included with Ubuntu. To activate your firewall open a terminal and type

[code]sudo ufw enable[/code]

For the vast majority of desktop users ufw is sufficient.

Many people prefer graphical configuration tools and the default graphical tool in Ubuntu is gufw. It can be installed using Add/Remove programs, synaptic, or command line tools and is available from your menu under

System -> Administration -> Firewall Configuration.

To activate your firewall, click (check off) the "Enabled" button on the left, under "Actual Status".

If you prefer, several additional configuration tools are available in the Ubuntu repositories including Firestarter, Guard dog, and Shorewall.

Testing and Monitoring your network traffic (firewall).

Because Ubuntu is modular we have separate options to test and monitor network traffic.

To test your firewall it is best to scan it from a second computer and nmap is a popular application to use. Again you will need to install nmap, then run

[code]nmap -vAPN ip_address[/code]

To see what services are associated with the open ports run

[code]lsof -i -n -P[/code]

Actual monitoring of your network traffic can be done with either wireshark or snort. Wireshark will analyze the network packets (of information) and snort is used in NIDS (Network Intrusion Detection System) and will notify you of unusual traffic.
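
An added example, not part of the original comment: a small filter over the `lsof -i -n -P` output mentioned above that keeps only the listeners reachable from other machines (not bound to loopback), which are the services the firewall rules have to account for. The function names `sample_lsof` and `exposed_listeners` are hypothetical, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: list listening sockets that are NOT bound to loopback,
# i.e. the services a firewall would actually need to cover.
# Real use: sudo lsof -i -n -P | exposed_listeners

# Constructed sample of `lsof -i -n -P` output (not captured from a real host).
sample_lsof() {
cat <<'EOF'
COMMAND    PID  USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
sshd       812  root   3u  IPv4  12345      0t0  TCP *:22 (LISTEN)
cupsd      901  root   7u  IPv4  12400      0t0  TCP 127.0.0.1:631 (LISTEN)
cupsd      901  root   6u  IPv6  12399      0t0  TCP [::1]:631 (LISTEN)
avahi-dae  700  avahi 12u  IPv4  11000      0t0  UDP *:5353
python3   1500  alice  4u  IPv4  20000      0t0  TCP 192.168.1.10:8080 (LISTEN)
firefox   2300  alice 55u  IPv4  30000      0t0  TCP 192.168.1.10:51234->192.0.2.7:443 (ESTABLISHED)
EOF
}

# exposed_listeners (hypothetical helper): reads lsof output on stdin and
# prints "command proto address port" for each non-loopback listener.
exposed_listeners() {
  awk '
    $1 == "COMMAND" { next }                         # header row
    $8 != "TCP" && $8 != "UDP" { next }
    $8 == "TCP" && $10 != "(LISTEN)" { next }        # skip established etc.
    $8 == "UDP" && index($9, "->") { next }          # skip connected UDP
    {
      n = split($9, parts, ":")
      port = parts[n]                                # last piece is the port
      addr = substr($9, 1, length($9) - length(port) - 1)
      if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
      print $1, $8, addr, port
    }'
}

sample_lsof | exposed_listeners
```

Each line it prints is a service that a scan from a second computer should find blocked once the firewall is enabled, unless you have deliberately allowed it.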