Set up a firewall

You may wish to install a firewall to protect your computer against unauthorized access by people on the Internet or your network. Firewalls block connections to your computer from unknown sources, which helps to prevent security breaches. If you use a router to connect to the Internet, the router may already have a firewall configured which regulates connections from the Internet to your network. This section deals with setting up a firewall on Ubuntu to regulate connections to your computer.

Firewall configuration tools

Uncomplicated Firewall (UFW) is the standard firewall configuration program in Ubuntu. It is a command line program. Most users will prefer to use Gufw, which is a graphical program to configure UFW.

Advanced users may wish to use UFW directly in the terminal. See the UFW manual or the Community Documentation page on UFW for more information. Alternatively, you can use iptables - see the iptables manual.

Gufw

To install and enable Gufw:

  1. Install the gufw package.

  2. To start Gufw, choose System > Administration > Firewall configuration.

  3. To enable the firewall, simply check the box next to Enabled under Actual Status.

The default configuration is to deny incoming connections. This means that a program on another computer attempting to connect to your computer will be refused. Certain programs or services which use the Internet may require you to add an exception.

To add an exception:

  1. Click Add.

  2. You can choose from Preconfigured options for common programs and services, or you can manually add port exceptions in the Simple or Advanced tabs.

  3. To find out what type of exception a particular program requires, you should consult the help for that program.

For a graphical walkthrough of basic Gufw usage, see the Ubuntu Community Documentation page on Gufw.

Testing the firewall and monitoring network traffic

To test the firewall it is best to scan it from a second computer. A popular application to use is called nmap.

  1. Install the nmap package.

  2. Run:

       nmap -vAPN 192.168.1.100

     Note: substitute the IP address of the computer you want to scan for 192.168.1.100.

  3. To see what services are associated with the open ports, run on the scanned computer:

       lsof -i -n -P
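As an added example that is not part of the Ubuntu guide, the following shell script reads the output of lsof -i -n -P and reduces it to the listening sockets, then lists which of them are bound to every interface (the ones an nmap scan from a second computer could reach) together with the UFW rule each would need if you decide it deserves an exception. The lsof lines are a constructed sample and the function names are my own.

```shell
#!/bin/sh
# Summarise `lsof -i -n -P` output: which sockets are listening, which of them
# are reachable from the network, and the matching UFW exception for each.
# Added example for this guide; the sample below is constructed, not captured.

LSOF_SAMPLE='COMMAND    PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd       812  root    3u  IPv4  12345      0t0  TCP *:22 (LISTEN)
sshd       812  root    4u  IPv6  12346      0t0  TCP *:22 (LISTEN)
cupsd      901  root    7u  IPv4  12350      0t0  TCP 127.0.0.1:631 (LISTEN)
avahi-dae  650  avahi  12u  IPv4  12360      0t0  UDP *:5353
firefox   2210  alice  45u  IPv4  30001      0t0  TCP 192.168.1.100:51234->93.184.216.34:443 (ESTABLISHED)'

# listening_sockets OUTPUT: prints "PROTO PORT COMMAND BIND-ADDRESS" per listener.
# TCP sockets count only in LISTEN state; UDP sockets count unless connected ("->").
listening_sockets() {
    printf '%s\n' "$1" | awk 'NR > 1 && ($8 == "TCP" || $8 == "UDP") {
        name = $9
        if (index(name, "->")) next                  # connected, not a listener
        if ($8 == "TCP" && $10 != "(LISTEN)") next
        n = split(name, part, ":")
        port = part[n]                               # text after the last colon
        addr = substr(name, 1, length(name) - length(port) - 1)
        print $8, port, $1, addr
    }' | LC_ALL=C sort -u
}

# ufw_rules_for_exposed OUTPUT: for listeners bound to every interface (the only
# ones the exception question applies to), print the UFW rule that would open
# that port. Review the list by hand; loopback-only services need no rule.
ufw_rules_for_exposed() {
    listening_sockets "$1" | awk '$4 == "*" || $4 == "0.0.0.0" || $4 == "[::]" {
        printf "ufw allow %s/%s\n", $2, tolower($1)
    }' | LC_ALL=C sort -u
}

# Stand-alone run on the constructed sample. On a real machine call
# ufw_rules_for_exposed "$(sudo lsof -i -n -P)" instead.
listening_sockets "$LSOF_SAMPLE"
echo "--- candidate UFW exceptions (review before applying) ---"
ufw_rules_for_exposed "$LSOF_SAMPLE"
```

The printed rules are candidates only; a port that nothing outside your network should reach stays closed under the default deny policy.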

You can also make use of an online firewall testing service such as ShieldsUP.

Monitoring of your network traffic itself can be done with either Wireshark or Snort. Wireshark analyzes network packets, while Snort is used as a Network Intrusion Detection System (NIDS) and will notify you of unusual traffic.